1 / 18

NON-COMPULSORY BRIEFING SESSION REQUEST FOR INFORMATION: ICT SECURITY SOLUTIONS RAF /2015/00019

NON-COMPULSORY BRIEFING SESSION REQUEST FOR INFORMATION: ICT SECURITY SOLUTIONS RAF /2015/00019. Date: 29 September 2015 Time: 10:00. AGENDA. Background of the RFI Purpose of the RFI Scope of work Submission of responses Contact details Presentation by Ethics unit Questions and Answers.

eleanorn
Download Presentation

NON-COMPULSORY BRIEFING SESSION REQUEST FOR INFORMATION: ICT SECURITY SOLUTIONS RAF /2015/00019

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. NON-COMPULSORY BRIEFING SESSIONREQUEST FOR INFORMATION: ICT SECURITY SOLUTIONSRAF /2015/00019 Date: 29 September 2015 Time: 10:00

  2. AGENDA • Background of the RFI • Purpose of the RFI • Scope of work • Submission of responses • Contact details • Presentation by Ethics unit • Questions and Answers

  3. BACKGROUND • RAF/2015/00019: Request for information: ICT Security Solutions. • RFI was advertised on Friday, 18 September 2015 • Closing on 20 October 2015 at 11h00

  4. PURPOSE OF THE RFB • The Road Accident Fund (RAF) is improving its Information Security infrastructure to ensure alignment to strategic objectives in both the Information Security & IT Risk Management strategies as well as compliance with legislation such as Protection of Personal Information (PoPI). The purpose of this RFI is to request appropriate best practice industry information that may be used in the drafting and publishing of a future bid process. • Background of the Project

  5. SCOPE OF WORK The RAF is seeking information from bidders to provide ICT Security Solutions or Services for a period of three (3) years. We are specifically looking for information about on-premise, cloud based or hybrid solutions/services. In the event of cloud based solutions, preference is for local bound solutions within the borders of South Africa. Our current IT infrastructure is centralized in Gauteng. Bidders can respond to one or more of the following solutions: • Identity and Access Management Solution (IAM); • Personal information Identification and Marking; • Database Activity Monitoring (DAM) Solution; • Unstructured Data Solution; and • Data Loss Prevention (DLP) Solution. The systems must have the capability to provide reports and analytics.

  6. SCOPE OF WORK continues The solutions/services scope covers: 1. Identity and Access Management Solution (IAM) key features: • Enhanced security for the identification, authentication and authorization of employees. • Centralization of authentication for easier user lifecycle management. • Multifactor authentication mechanisms. • Privileged user management.

  7. SCOPE OF WORK continues The solutions/services scope covers: 2. Personal information Identification and Marking key features: • Identify information stored on file servers, online portals, document management systems and notebook computers that may be sensitive information but not easily identifiable. • Identification, alerting and remediation of sensitive information with poor access controls • Definition of policies for protection, access rules and classification of personal information identified. • Supports the implementation of legislative requirements e.g. POPI

  8. SCOPE OF WORK continues The solutions/services scope covers: 3. Personal information Identification and Marking key features: • Database Activity Monitoring (DAM) Solution key features: • Enterprise database auditing and real-time protection. • Generation of log data for import into log management system. • Activity monitoring, intrusion prevention and risk management for business applications and databases • Fingerprinting database and application interactions to protect against threats. • Enforce information handling rules on databases and SharePoint • Fraud protection on all systems using backend databases including SAP

  9. SCOPE OF WORK continues 3. Personal information Identification and Marking key features: • Real time monitoring of unauthorized database access and document management systems • Detection of unauthorized access by administrators. • Ability to detect and respond to unauthorized activity by preventing access to data – operates like a database and application firewall • Ease of compliance reporting

  10. SCOPE OF WORK continues The solutions/services scope covers: 4. Unstructured Data Solution key features: • The solution has the capability to identify, monitor and access control information that is stored in shared servers and other file storage. • Authorized access to unstructured data is assured while audit trails are maintained for accessed data • Information classification implementation is enhanced through identification of data and owners.

  11. SCOPE OF WORK continues The solutions/services scope covers: 5. Data Loss Prevention (DLP) Solution key features: • Identify RAF Information and implement access control for data in motion and data at rest • Risk based tracking of data in motion and data at rest • Addressing of insider threats to organization by enforcing what users are permitted to transfer out of the organization.

  12. MANDATORY EVALUATION CRITERIA MANDATORY REQUIREMENTS

  13. The Proposal clearly marked and indexed with all pages numbered. • One (1) original and one (1) copy submitted in a sealed envelope, clearly marked (RAF/2015/00019), to the address provided below. • Submission Address : • Road Accident Fund • Eco Glades Reception (Block F) • 420 Witch-hazel Avenue, Centurion • Closing Time : 11:00 am (PER THE CLOCK AT THE RAF RECEPTION) • Closing Date : 20 October 2015 Submission of RFI responses

  14. Responses sent by courier must reach the reception at least 36 hours before the closing date (20 October 2015), to be deposited into the Bid box. • Submission Register must be signed at the reception by bidder when submitting bid documents. Important note: • Please ensure that the attendance register has been signed • Name of company • Contact details • If a courier company is submitting on behalf of the bidder please ensure that they write your company name and not the courier company name(for ease of reference) • Late response will not be considered Submission of RFI responses

  15. Contact Details • All queries must be forwarded to Noluthandon@raf.co.za • Enquiries and clarification will close on Wednesday, 30 September 2015. • Q and A Pack will be uploaded on the website on Monday, 05 October 2015 before COB.

  16. THANK YOU

  17. Presentation by Ethics unit • Presenter: Khali Mofuoa

  18. Questions and Answers ?

More Related