Mount Rogers Community Services - Cyber Security Audit

Background
The Mount Rogers Community Services (MRCS) is seeking to enhance the security of its information systems through a comprehensive cybersecurity audit. The goal of this contract is to solicit proposals for an information security penetration testing and operational framework review assessment. MRCS aims to make its information systems more resistant to cyber attacks, minimize potential damage from such attacks, and improve overall resilience. The agency is particularly interested in firms with expertise in NIST assessment methodology and cybersecurity.

Work Details
The contractor will be responsible for conducting a thorough penetration testing and operational framework review assessment of MRCS's information systems. This includes identifying vulnerabilities, assessing the effectiveness of existing security measures, and providing recommendations for improvements. The contractor should utilize NIST assessment methodologies throughout the process. Specific tasks may include:

1) Conducting simulated attacks to evaluate system defenses;
2) Reviewing current cybersecurity policies and procedures;
3) Providing a detailed report outlining findings, vulnerabilities, and suggested remediation strategies;
4) Offering guidance on best practices for enhancing cybersecurity posture.

Period of Performance
The contract will be performed over a specified period as outlined in the solicitation documents, typically ranging from several months to a year depending on the scope of work agreed upon.

Place of Performance
The services will be performed at the Mount Rogers Community Services locations within Virginia.