My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Professional Services Proposal - Criminal Justice Information Security Compliance Gap Assessment – Crowe LLP
sbend
>
Public
>
Public Works
>
Board of Works Documents
>
2019
>
Agreements/Contracts/Proposals
>
Professional Services Proposal - Criminal Justice Information Security Compliance Gap Assessment – Crowe LLP
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
4/4/2025 2:31:24 PM
Creation date
12/23/2019 11:32:41 AM
Metadata
Fields
Template:
Board of Public Works
Document Type
Contracts
Document Date
12/19/2019
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
26
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
Show annotations
View images
View plain text
Proposal to Provide <br />CJIS Gap Assessment City of South Bend 16 <br />Client Listing <br />• Performed a maturity assessment of a large insurance provider's vulnerability management <br />program and developed a roadmap to improve capabilities. <br />• Assisted a large, multi -state insurance provider in designing and establishing an IT Risk <br />Management Program, aligning the program with existing Enterprise Risk Management initiatives, <br />executing an Enterprise IT Risk Assessment, assessing controls to mitigate risks, and designing <br />strategies to treat risks. <br />• Assisted a large government agency in addressing an executive order due to a data breach, which <br />included performing a data inventory, classifying and stratifying data repositories, defining a <br />cybersecurity framework, assessing controls, and defining a long term security roadmap. <br />• Assisted a State agency in designing and implementing an Enterprise Risk Management Program, <br />developed tools to support execution of the assessment, and trained personnel to manage the <br />program on an ongoing basis. <br />• Assisted an international hospitality company in designing and establishing an IT Risk Management <br />Program, defined IT risk, risk appetite and risk tolerance, developed tools to support the risk <br />management processes, assist with the integration of the process into the existing GRC platform, <br />and helped with the integration of supporting risk management programs into the overall program. <br />• Assisted a large insurance provider in assessing information security across the organization, <br />including through application specific assessments of critical portals leveraged for claims <br />management with members. <br />• Assisted a large, multi -state insurance provider in developing a physical security strategy, including <br />security guards, cameras, and ingress/egress doors to more effectively and efficiently manage <br />physical security risks. <br />• Assisted a large municipal utility by performing a mock audit against NERC's Critical Infrastructure <br />Protection standards. <br />• Assisted an electric and natural gas provider by conducting a mock audit against NERC's Critical <br />Infrastructure Protection standards and performing penetration testing to identify organizational <br />gaps, with follow-up procedures to help design and implement controls. <br />• Assisted an Independent System Operator (ISO) deploying smart grid technology by designing a <br />cybersecurity framework allowing them to oversee providers implementing the technology. <br />• Assisted a large financial institution in developing a Business Continuity Program, including the <br />performance of a business impact analysis, documentation of Business Continuity procedures, and <br />development of test plans. <br />• Assisted a university healthcare provider in evaluating existing disaster recovery procedures of key <br />organizational applications and providing recommendations to address existing gaps. <br />• Assisted an international manufacturing organization protect their intellectual property, particularly <br />within new facilities and third party vendors located overseas, by helping define an information <br />security framework and roadmap to address security gaps within the organization. <br />• Assisted a large insurance provider by evaluating the maturity of the IT Security function, identified <br />the organizations desired future state based on industry benchmark and organizational tolerances, <br />and developed a roadmap to achieve desired organizational capability and maturity levels. <br />• Assisted a large automotive retailer by assessing the maturity of the IT organization, provided <br />recommendations to address identified organizational gaps, and providing ongoing support and <br />guidance on strategic IT initiatives. <br />• Assisted an automotive retailer in responding to an inquiry from the Federal Trade Commission, <br />including a review ensuring they appropriately addressed the FTC Safeguards Rule. <br />• Assisted an automotive retailer by evaluating physical and logical security controls in place to <br />protect customer information and to satisfy regulatory requirements. <br />• Assisted a large transportation organization in assessing security within their critical infrastructure <br />technologies, including an analysis of the security controls and practices within their primary data <br />center and signaling environments. <br />
The URL can be used to link to this page
Your browser does not support the video tag.