In a Request for Proposal released Sept. 3, the state seeks bids on a contract to do a “statewide cybersecurity assessment” of its new Next-Generation 911 (NG911) system, now under construction. Here are key changes since this RFP was first released June 15:
• A key difference in this release is the involvement of the California Department of Technology — state officials determined the RFP should be administered under the authority of the state technology agency on behalf of the California Governor’s Office of Emergency Services, which is underway on the build of a new NG911 system under five different contracts to provide the state a National Emergency Number Association (NENA) i3-compliant system.
• Additionally, when eligible bidders are determined the state will begin negotiations under Public Contract Code 6611, which allows vendor negotiation. PC 6611 wasn’t mentioned in the earlier RFP. As in the earlier RFP, however, the estimated contract value is not specified.
• The contract term and optional extensions have been lengthened. The contract term has been extended from about 16.5 months to two years, with the anticipated start date pushed from July 15 to Oct. 20. The state’s right to exercise two optional contract extensions remains — but each potential extension has been lengthened from nine months to one year — increasing the total possible contract length from 34.5 months to four years. Vendors who responded to the earlier RFP will have to reapply; final proposals are due by 3 p.m. Sept. 25 and will be evaluated between Sept. 28 and Oct. 2.
• CalOES seeks a contractor to do “initial information and data gathering,” then complete a “cybersecurity vulnerability assessment” on the state’s new NG911 system, which is intended to connect to 438 public safety answering points (PSAPs) around the state; and to interconnect four service regions and the prime network service providers. Similar to the earlier RFP, the assessment will focus on information and data gathering; on-site vulnerability assessment; deliverables including an NG911 Security Audit Checklist; and an outline of the vulnerability assessment for the public safety network provider (PNSP) and each of the four retail service network providers (RSNPs).
