Presentation is loading. Please wait.

Presentation is loading. Please wait.

NON-COMPULSORY BRIEFING SESSION REQUEST FOR INFORMATION: ICT SECURITY SOLUTIONS RAF /2015/00019 Date: 29 September 2015 Time: 10:00.

Similar presentations


Presentation on theme: "NON-COMPULSORY BRIEFING SESSION REQUEST FOR INFORMATION: ICT SECURITY SOLUTIONS RAF /2015/00019 Date: 29 September 2015 Time: 10:00."— Presentation transcript:

1 NON-COMPULSORY BRIEFING SESSION REQUEST FOR INFORMATION: ICT SECURITY SOLUTIONS RAF /2015/00019
Date: 29 September 2015 Time: 10:00

2 AGENDA Background of the RFI Purpose of the RFI Scope of work
Submission of responses Contact details Presentation by Ethics unit Questions and Answers

3 BACKGROUND RAF/2015/00019: Request for information: ICT Security Solutions. RFI was advertised on Friday, 18 September 2015 Closing on 20 October 2015 at 11h00

4 PURPOSE OF THE RFB Background of the Project
The Road Accident Fund (RAF) is improving its Information Security infrastructure to ensure alignment to strategic objectives in both the Information Security & IT Risk Management strategies as well as compliance with legislation such as Protection of Personal Information (PoPI). The purpose of this RFI is to request appropriate best practice industry information that may be used in the drafting and publishing of a future bid process.

5 SCOPE OF WORK Identity and Access Management Solution (IAM);
The RAF is seeking information from bidders to provide ICT Security Solutions or Services for a period of three (3) years. We are specifically looking for information about on-premise, cloud based or hybrid solutions/services. In the event of cloud based solutions, preference is for local bound solutions within the borders of South Africa. Our current IT infrastructure is centralized in Gauteng. Bidders can respond to one or more of the following solutions: Identity and Access Management Solution (IAM); Personal information Identification and Marking; Database Activity Monitoring (DAM) Solution; Unstructured Data Solution; and Data Loss Prevention (DLP) Solution. The systems must have the capability to provide reports and analytics.

6 SCOPE OF WORK continues
The solutions/services scope covers: 1. Identity and Access Management Solution (IAM) key features: Enhanced security for the identification, authentication and authorization of employees. Centralization of authentication for easier user lifecycle management. Multifactor authentication mechanisms. Privileged user management.

7 SCOPE OF WORK continues
The solutions/services scope covers: 2. Personal information Identification and Marking key features: Identify information stored on file servers, online portals, document management systems and notebook computers that may be sensitive information but not easily identifiable. Identification, alerting and remediation of sensitive information with poor access controls Definition of policies for protection, access rules and classification of personal information identified. Supports the implementation of legislative requirements e.g. POPI

8 SCOPE OF WORK continues
The solutions/services scope covers: 3. Personal information Identification and Marking key features: Database Activity Monitoring (DAM) Solution key features: Enterprise database auditing and real-time protection. Generation of log data for import into log management system. Activity monitoring, intrusion prevention and risk management for business applications and databases Fingerprinting database and application interactions to protect against threats. Enforce information handling rules on databases and SharePoint Fraud protection on all systems using backend databases including SAP

9 SCOPE OF WORK continues
3. Personal information Identification and Marking key features: Real time monitoring of unauthorized database access and document management systems Detection of unauthorized access by administrators. Ability to detect and respond to unauthorized activity by preventing access to data – operates like a database and application firewall Ease of compliance reporting

10 SCOPE OF WORK continues
The solutions/services scope covers: 4. Unstructured Data Solution key features: The solution has the capability to identify, monitor and access control information that is stored in shared servers and other file storage. Authorized access to unstructured data is assured while audit trails are maintained for accessed data Information classification implementation is enhanced through identification of data and owners.

11 SCOPE OF WORK continues
The solutions/services scope covers: 5. Data Loss Prevention (DLP) Solution key features: Identify RAF Information and implement access control for data in motion and data at rest Risk based tracking of data in motion and data at rest Addressing of insider threats to organization by enforcing what users are permitted to transfer out of the organization.

12 MANDATORY EVALUATION CRITERIA
MANDATORY REQUIREMENTS Mandatory Comply Not Comply  1 The solutions/services must have been deployed in an enterprise information security environment preferably similar to the RAF industry. Substantiate / Comments

13 Submission of RFI responses
The Proposal clearly marked and indexed with all pages numbered. One (1) original and one (1) copy submitted in a sealed envelope, clearly marked (RAF/2015/00019), to the address provided below. Submission Address : Road Accident Fund Eco Glades Reception (Block F) 420 Witch-hazel Avenue, Centurion Closing Time : 11:00 am (PER THE CLOCK AT THE RAF RECEPTION) Closing Date : 20 October 2015

14 Submission of RFI responses
Responses sent by courier must reach the reception at least 36 hours before the closing date (20 October 2015), to be deposited into the Bid box. Submission Register must be signed at the reception by bidder when submitting bid documents. Important note: Please ensure that the attendance register has been signed Name of company Contact details If a courier company is submitting on behalf of the bidder please ensure that they write your company name and not the courier company name(for ease of reference) Late response will not be considered

15 Contact Details All queries must be forwarded to Noluthandon@raf.co.za
Enquiries and clarification will close on Wednesday, 30 September 2015. Q and A Pack will be uploaded on the website on Monday, 05 October 2015 before COB.

16 THANK YOU

17 Presentation by Ethics unit
Presenter: Khali Mofuoa

18 Questions and Answers ?


Download ppt "NON-COMPULSORY BRIEFING SESSION REQUEST FOR INFORMATION: ICT SECURITY SOLUTIONS RAF /2015/00019 Date: 29 September 2015 Time: 10:00."

Similar presentations


Ads by Google