04
Request for Proposal (RFP) Preliminary Scope of Work IT Risk Assessment and Performance Audit Technology is rapidly changing and Port operations are fully dependent on technology; this makes it critical that such technology is fully integrated with the Port's strategic plan. IT operations and delivery is broad and include, but is not limited to IT hardware, software, IT security, data storage, licensing handling, outsourced services, communications and operational management etc. A. IT Risk Assessment and Development of a Long-term Audit Work Plan Identify and evaluate technology risks for the Port of Seattle as it relates to IT operations and service delivery. Assess the effectiveness of the current IT risk management and strategies for mitigating such risks. Leveraging on IT work that has already been conducted by other Port consultants or Port staff, develop a technology auditable universe and rank the universe items based on a specific weighted risk model. Present the weighted risk model and observations for management review. Based on the current technology environment and the risk exposure for IT operations and service delivery, develop recommendations for a three- year IT Audit Work Plan that is aligned with the Port strategic direction. B. Assess the overall management, efficiency, and effectiveness of all Port information and communications technology assets and services with focus on the following key areas: Strategy Are all Port technology assets and services managed, and driven by clear and effective strategies? Are Port technology investments and operations in alignment with Corporate and Business Unit needs? Are new and rapidly evolving technology industry trends leveraged to effectively best serve Port wide strategies and initiatives? Operations Are Port wide technology staffing levels, organizational structures, and level of infrastructure investment appropriate for the size and complexity of the Port's operations and business requirement? Are Port technology costs in alignment with relevant industry benchmarks? Does the Port follow industry best practices in the delivery of its technology services? Are capacity, performance, and availability monitored to ensure Port technology assets and services are maximizing the investment in these resources? Are Port wide security, PCI, software licensing, and other enterprise technology compliance issues being properly managed? Do effective technology cost management processes exist? Are technology cost allocation/recovery methodologies utilized, and are they reasonable and appropriate? Investment Are technology costs and investments visible, and managed from a Port wide perspective? Are Port technology investment decisions optimized from an enterprise wide perspective, and are they made using well-founded business cases and decision processes? Are technology projects effectively managed and monitored as to cost, schedule, risks and achievement of stated benefits? Are technology asset life cycles properly managed? Governance Is there effective enterprise wide governance over all Port technology investments, budgets and operations? Risk Management Are technology operational and service interruption risks effectively identified and managed?
Limitations of Translatable Documents
PDF files are created with text and images are placed at an exact position on a page of a fixed size.
Web pages are fluid in nature, and the exact positioning of PDF text creates presentation problems.
PDFs that are full page graphics, or scanned pages are generally unable to be made accessible, In these cases, viewing whatever plain text could be extracted is the only alternative.