Los Angeles County

Buyer requires comprehensive information security and privacy services to safeguard County Information. Services include establishing Information Security and Privacy Programs, implementing technical security measures, conducting background checks on personnel, and maintaining business continuity plans. Vendor must ensure protected County Information is secure through encryption, access controls, and regular security audits. Vendor must also comply with incident reporting requirements and maintain cyber liability insurance.

• 5/12/2025 - Proposal Due Date

• Ability to implement Information Security Program
• Capability to establish and maintain company-wide Privacy Program
• Experience with conducting background investigations on employees
• Capability to encrypt workstations and portable devices
• Ability to implement secure authentication protocols

• Establish and maintain Information Security Program
• Maintain Privacy Program with policies and practices
• Protect confidentiality, integrity, and availability of County Information
• Conduct background investigations on employees accessing County Information
• Implement secure authentication and multi-factor authentication
• Encrypt workstations, portable devices, and removable media
• Ensure secure transmission of County Information over networks
• Promptly report security and privacy incidents within 24 hours
• Implement disaster recovery and business continuity plans
• Conduct regular security audits and vulnerability assessments