Notice ID:  34300024Q0023

The purpose of this Request for Quotation (RFQ) is to obtain services for Integration and configuration of an OCIO acquired ServiceNow ITOM eDiscovery solution which establishes and automatically populates a centralized IT asset database for all USITC OCIO managed hardware and software assets. The OCIO currently utilizes the ServiceNow Configuration Management Database (CMDB) for manual input of Configuration Items (CI) with limited integration with Microsoft System Center Configuration Manager (SCCM) via service graph connections. The solution will at a minimum capture automatically, with minimal human intervention, 95% of all hardware and software assets on the OCIO enterprise network when compared to the OCIO Security Scanning Toolsets and will allow manual inputs for those assets that are not on the OCIO enterprise network.

Introduction: The United States International Trade Commission (USITC or Commission) has a need for an authoritative source with centralized database for all Information Technology (IT) hardware and software assets that are tracked, managed, and maintained by the USITC’s Office of the Chief Information Officer (OCIO). The solution will be interoperable with the OCIO’s existing management and inventory applications and solutions that are defined in further detail within this statement of work.

The project will also allow USITC to comply with the objectives of Executive Order 14028, Improving the Nation’s Cybersecurity, specifically Modernize and Implement Stronger Cybersecurity Standards in the Federal Government and Improve Software Supply Chain Security.

Currently the authority for the deployment and maintenance of host systems within the Commission’s logical IT inventory is delegated within the Office of the Chief Information Officer (OCIO) to the verticals assigned with managing a specific asset type (Service Desk for workstations and Network Services for Windows and Linux Servers, Network Communications, and Network Appliances). OCIO will implement a centralized asset management database that leverages and combines these disparate data sources to provide a unified view of USITC assets in a single location. This centralized management database will leverage automation to identify and reconcile a majority of the identified and discovered assets with minimal intervention from support staff. This centralized management database will be leveraged by various downstream solutions to enable higher-level data centric management and security (network access control, audit log validation, vulnerability scan validation, external reporting, etc.). Specifically, OCIO will use this centralized asset management database to reconcile the output of its vulnerability scanning solution to the hosts within the asset management database. In addition, the Commission will transition its current network access control solution to leverage this centralized asset management database to remove unauthorized devices from the network.

Scope:

  • Development and phased deployment of ServiceNow ITOM eDiscovery that follows the ServiceNow delivery approaches for Configuration Management Database (CMDB)
  • Implementation and integration of automated solution within OCIO environment that utilizes a least privileged model of access and credentials which will require customization of the ServiceNow Discovery deployment approach
  • Configuration of the automated discovery and reconciliation of assets on the enterprise network which are then stored in the ServiceNow asset tracking system
  • Interoperability with OCIO hardware and software management solutions identified within this statement of work
  • Ability to manually input and track assets that are non-network capable • Interoperability with existing security solutions
  • All applicable and pertinent policy, standard operating procedures, and regulations will be provided on an as needed basis.
  • Government Furnished Hardware, when needed, will be approved by the Chief Information Security Officer (CISO) and issued on an as needed basis by OCIO support staff.
  • Access to any OCIO owned and managed software noted throughout this SOW will require identification and approval by the CISO on an as needed basis.

Read more here.

Ad



Not Yet a Premium Partner/Sponsor? Learn more about the OS AI Premium Corporate and Individual Plans here. Plans start at $250 annually.

How useful was this post?

Click on a star to rate it!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Leave a Reply