The URL can be used to link to this page

Home My WebLink About04.j. Amend agreement with NexLevel for security remediationCentral Contra Costa Sanitary District J BOARD OF DIRECTORS POSITION PAPER Board Meeting Date: September 4, 2014 Subject. AUTHORIZE THE GENERAL MANAGER TO AMEND AN EXISTING AGREEMENT WITH NEXLEVEL INFORMATION TECHNOLOGY, INC. FOR THE NETWORK VULNERABILITY ASSESSMENT AND DATA BACKUP PRACTICES ASSESSMENT, DISTRICT PROJECT 8195CY Submitted By. Initiating Dept. /Div.: David Heath, Director of Administration Administration /Information Technology REVIEWED AND RECOMMENDED FOR BOARD ACTION: D. Heath — Director of Administration I— �� - Q Kent Alm oger S. Bailey Counsel for the District General Manager ISSUE: Board of Directors' authorization is required for the General Manager to amend an existing professional services agreement in an amount greater than $100,000. RECOMMENDATION: Authorize the General Manager to amend an existing Professional Consulting Services Agreement with NexLevel Information Technology, Inc., in the amount of $127,200 from $12,800 to $140,000 for the security remediation resulting from the network vulnerability assessment. FINANCIAL IMPACTS: The additive cost of this amendment is $127,200. There are sufficient funds allocated to the associated District Project 8195CY to accommodate this amendment. ALTERNATIVES /CONSIDERATIONS: The security remediation consultant will leverage District staff as much as possible to complete the work associated with this amendment, as time permits, in the interest of reducing the cost of the contract and to develop in -house expertise in the process. The contract amendment also includes services related to evaluating the District's hardware needs and configuration as part of the Information Technology Master Plan effort in addition to services related to development and implementation of a comprehensive District wide data backup and recovery solution. BACKGROUND: The District entered into a contract with NexLevel to assist the District in developing an Information Technology Master Plan in October 2013 in the amount of $75,000. As a result of the infiltration of malware viruses in April of 2014, the District executed a separate contract with NexLevel in the amount of $12,800 to evaluate the District's security systems and vulnerabilities. The vulnerability testing was recently completed and District staff is recommending acceleration of the recommendations for remediation provided by the security specialists who conducted the study. NexLevel will C: \Users \danderson\AppData \Local \Microsoft \Windows \Temporary Internet Files \Content.Outlook \DVCG8C5G \Position - Paper- NexLevel Contract Amendment.docx Page 1 of 2 POSITION PAPER Board Meeting Date: September 4, 2014 Subject: AUTHORIZE THE GENERAL MANAGER TO AMEND AN EXISTING AGREEMENT WITH NEXLEVEL INFORMATION TECHNOLOGY, INC. FOR THE NETWORK VULNERABILITY ASSESSMENT AND DATA BACKUP PRACTICES ASSESSMENT, DISTRICT PROJECT 8195CY be utilizing the same security sub - consultant, which specializes in in both security vulnerability testing and remediation, subject to the approval of the District. RECOMMENDED BOARD ACTION: Authorize the General Manager to amend an existing Professional Services Agreement with NexLevel Information Technology, Inc., from $12,800 to $140,000 for security remediation based on the results of the network vulnerability assessment. C:\ Users\ danderson \AppData \Local\Microsoft \Windows \Temporary Internet Files \Content.Outlook \DVCG8C5G \Position - Paper- NexLevel Contract Amendment.docx Page 2 of 2