(1) Vendor needs to provide risk management platform.
- Provide a cloud-based, comprehensive, and customizable vendor risk management platform solution.
- Implementation and integration services - any services needed to implement an operational instance of the solution installation, integration, and configuration of the solution
- Solution maintenance, updates and support services - on-going support and service, including on-line technical support 24 hours per day 7 days per week, and any needed system upgrades, fixes, data recovery assistance, and enhancements to the items installed.
- Deploy a fully implemented cloud-based, comprehensive, off the shelf, customizable vendor risk management solution provided by a qualified respondent.
- Use the score or grade assigned by the solution to evaluate vendor risk.
- Cloud-based solution that is scalable to include unlimited number of vendors.
- Provided with the knowledge necessary to recognize vendors that would increase the financial, reputational, or cybersecurity risk exposure of the university.
- Ensure agency is able to recognize improvements and regressions of a vendor's cybersecurity hygiene.
(2) All questions must be submitted no later than May 3, 2023.
(3) The contract period will be for four years.
↧