CITY COUNCIL AGENDA ITEM
ACTION REQUESTED:
title
Approve the award of RFP 21-202, PCI DSS Compliance Services to CampusGuard, LLC for an amount not to exceed $231,025 for a three-year term
body
DEPARTMENT: Finance Department
SUBMITTED BY: Rachel Mayer, Director
BOARD/COMMISSION REVIEW:
N/A
BACKGROUND:
The Payment Card Industry (PCI) Security Standards Council created standards to reduce risk to organizations that accept, transmit, process and/or store credit and debit card data. Being compliant with the standards reduces an organization's risk of credit and debit card data loss and identity theft. Additionally, it helps protect an organization if a data breach occurs and cardholder data is compromised. If an organization fails to comply with PCI compliance, it may be fined and/or lose the ability to conduct e-commerce.
In July 2021, the Finance Department issued RFP 21-202, PCI DSS Compliance Services, to contract with a consulting firm capable of serving as a PCI qualified security assessor (QSA) and approved scanning vendor (ASV) to provide compliance and support services to the City and Naper Settlement.
The initial term of the contract will be three years following completion of the initial assessment. The contract may also be extended for up to three additional years in increments of one year.
DISCUSSION:
Advertisement Date: 7/16/2021 Notices Sent: 87
Proposal Due Date: 8/10/2021 Planholders: 22
Proposals Received: 10
Proposals were received from the following vendors:
AT&T CampusGuard LLC
Glasshouse Systems MegaplanIT Holdings LLC
Moss Adams LLP Plante & Moran, PLLC
RSI Security Rubin Brown LLP
TNCG Viking Cloud
A selection team comprised of staff from the Finance and IT departments and Naper Settlement evaluated proposals, which was based upon criteria set forth in the RFP:
1. Capability, Capacity and Qualifications of the Proposer
2. Suitability and Qualit...
Click here for full text