Specifications include, but are not limited to: RISLA IT Infrastructure • Approximately (75) Internal IPs and (4) External IPs • (45) Desktop Computers • (12) Virtual Servers (2 Azure VMs an App gateway in Azure and several SQL instances in Azure) • (10) Network Printers • (5) Network Switches • (1) Firewall Appliance • (6) External websites B)AUDIT SPECIFICATIONS 1. An initial assessment report is due within 5 business days of completion of testing (this will trigger 50% of the payment) 2. Formal assessment report within 10 business days of completion of testing (this will trigger the remaining 50% of the contract); The assessment should include: a. Adversarial assessment b. Detail reports with findings and recommendations c. Remediation support (hourly rate) 3. The receipt of the report(s) must be acknowledged by RISLA’s Information Security Officer, the Controller, or the Executive Director to trigger the payment of the contract. 4. The testing is expected to begin during December, with the final report completed and delivered no later than December 1, 2023. 5. We also require a social engineering attack be performed on our employees via: • Email campaign for 20 employees
