Request for Information
13-713
Information Technology Audit of
Voice over Internet Protocol (VOIP) System
City of Tulsa-Internal Auditing Department
Introduction
The City of Tulsa is soliciting responses to this Request for Information (RFI) from the appropriate consulting companies qualified to provide an audit of the City’s Voice Over Internet Protocol (VOIP) phone system. Information provided as a response to this RFI will be used in the preparation of a Request for Proposal for the required services. Primary services required of a vendor in the future will include the development of an audit plan for Internal Auditing’s approval, conduct of the audit with personnel possessing requisite levels of IT and telecommunications expertise and experience, and presenting a written report of the audit results. For the scope area audited, the use of the Control Objectives for Information and Related Technology (COBIT) 5 framework is required.
In general, it is the intent of the City to review the responses to this RFI and consider them in the development of a fair, thorough Request for Proposal, which facilitates the competitive bidding process. This is an opportunity for respondents to have input in the development of the specifications from which sealed bids will be solicited, and a contract(s) executed, for the provision of the primary services above, for the City of Tulsa Internal Auditing Department.
Information Response Submissions
Responses are due by 5:00 p.m. on December 4, 2013, and may be mailed or delivered to:
City Clerk’s Office
City Hall
175 East 2nd Street S# 260
Tulsa, Oklahoma 74103
Overview of the City’s VOIP System
The main PBX (private branch exchange) system is an Avaya (Blue) product. It is the CS1000E on Release 7.5. The upgrade from a CS1000M Release 5.0 occurred in April 2012. The system consists of:
CS1000E Release 7.5
Provides core control elements and uses geographically-split processors on proprietary hardware
Call Pilot Release 5.0
Runs voice mail applications and uses Windows Server 2003 R2 Standard on proprietary hardware
Avaya Aura Contact Center Release 6.2
Provides call center applications and uses Windows Server 2008 R2 Standard on a DL380 G7 server.
Other Avaya components include:
(2) System Manager
(1) Presence Server
(3) Session Manager
(1) MAS Server
(10) Signaling Server
(2) Remote Media Gateway
Non-Avaya products include:
Telstrat Call Recorder – records call audio and computer screens for call center agents. PCI Compliance rules are followed.
VeraMark VeraSmart Call Accounting – standard call detail register system that tracks call activity and long distance usage.
Goals, Objectives and Conduct of the VOIP System Audit
The objective of the audit is to identify any significant risks posed by the VOIP system’s configuration. This centers on risks creating potential for the compromise of City data security or disruption of critical service delivery. Specific to these risks, system level configuration and architecture of the components listed above will need to be evaluated. The selected firm will be responsible for performing the audit as well as providing complete audit documentation to the Internal Auditing department, including:
audit project plans
expected timelines
initial data and access requests
estimates of time needed from City IT personnel
planned test procedures
test results
workpaper documentation and report findings
The timing of vendor selection and contract award is anticipated to be in the City’s fiscal 2014 4th quarter, which commences April 1, 2014. Upon final contract award, the selected firm will then be required to begin the audit process within 30 days.
Qualifications and experience levels of key personnel ultimately working on the audit must be the equivalent of personnel profiled in work proposals; further, the City will reserve right of refusal if staffing substitutions are made which do not achieve the expertise levels originally proposed by the firm. Additionally, standard City contract terms do not allow subcontractors to be used to perform work.
RFI Submission
The overall goal of this RFI is to aid in the collection of sufficient information to facilitate the development of fair and open specifications for the subsequent proposal for primary services. The above areas of interest have been identified to date, but other pertinent information provided will also be considered.
RFI response formats are at the discretion of the respondent, but should contain the following:
Overview of the proposed audit.
Description of the approach to conducting the audit.
Discussion of the key components of the goals and objectives section:
Specific experiences with IT security and/or telecommunications audits at the system (rather than process or policy) levels.
Special Terms & Conditions
1. All material submitted as part of the response to this Request for Information shall be considered the property of the City of Tulsa.
2. The respondent will not be compensated for any expenses incurred in the process of responding to the RFI or, if requested, in submitting further information.
Timeline
RFI Issued: October 31, 2013
Deadline for Written Questions: November 20, 2013 5:00 PM (CST)
Responses Due: December 4, 2013