Vendor Questionnaire. 1. Is your computer network internal to your organization or do you have it hosted by a cloud / colocation vendor? If so, what vendor do you use?
Vendor Questionnaire. Is your computer network internal to your organization or do you have it hosted by a cloud / colocation vendor? If so, what vendor do you use? What technical security measures has the vendor taken to protect its network? Firewall, Intrusion detection / prevention system, Anti-virus / anti-malware, Data loss prevention, Endpoint protection, Network access control, Data encryption, Vulnerability scanning, Identity access management, Password management, Security alerting, audit logging, etc., Remote access. What procedural security measures has the vendor taken to protect its network? Timely removal of terminated employees, Security awareness training – focus on phishing emails (required by PSC), Computer use policy, Incident response procedures, System pre-implementation testing, Change management controls, Physical security controls over computer room, Background checks on IT personnel, Framework (CoBIT, ISO 27001), Employee signed NDA, Data privacy controls, etc. How is the data transferred? Will it be encrypted in transit? Where is the data physically located? (in the U.S. or foreign country) How is the data stored and backed up? Will it be encrypted? How do you ensure that unauthorized access is prevented? Do you allow your employees to save Central Xxxxxx data to a local or removable device or to print Central Xxxxxx data? Upon Central Xxxxxx request, how would you either return or delete Central Xxxxxx data (both electronic and hardcopy for production and backup systems)? Are personnel able to access Central Xxxxxx data from a mobile device? If so, what security measures have you taken to protect the device? Do you have third party security assessments / audits performed on your network? (penetration test, vulnerability testing, SSAE 16 SOC 2 audit). Do you have cyber insurance of $1 million? Does the vendor use outsourced third parties to assist in providing the service? Will the vendor use cloud computing software / hardware to provide the service?
Vendor Questionnaire. Attachments: A - Enclosure 1 Square Footage B - Enclosure 2 Facilities List C - Enclosure 3 Cleaning Specifications D - Enclosure 3a Cleaning Specifications Checklist E - Enclosure 4 Required Equipment F - Enclosure 5 Report Card G - Enclosure 6 District Calendar H - Enclosure 7 Applicant Supplement I - Enclosure 7a Supervisor Reference Checks J - Enclosure 8 Cleaning Guidelines During Gastroenteritis Outbreaks K - Enclosure 9 Voting Locations L - Enclosure 10 Minimum Pay Rates M - Enclosure 11 Employee Longevity N - Attachment A Staffing O - Attachment B Facility Timeline P - Attachment C Supply Budge Allocation Q - Attachment D Proposed Supply List R - Attachment E Equipment List S - Attachment F Organizational Chart (Sample) T - Attachment I Cleaning Plans U - Attachment J Proposed Monthly Invoice V - Attachment M Site Visit Record
Vendor Questionnaire
