ID: RFP-60-25-02

The State Universities Retirement System (SURS) is soliciting proposals from qualified candidates to conduct security assessments annually for three years. These assessments should give SURS a better understanding of potential vulnerabilities and risks on the network, servers, and applications or that may be visible from the internet. Testing should be from the perspective of an outside attacker with no inside knowledge of the network. 

An amendment to the Question and Answer document was posted on Sept. 23, 2024. Questions 79 and 116-128 were updated.

The State Universities Retirement System is transitioning to an online electronic solicitation and vendor registration system, hosted by OpenGov Procurement. To stay informed about non-investment opportunities, register and create an account on our e-Procurement Portal: https://procurement.opengov.com/portal/surs.

Document NameDatePages
Network, Server, and Application Penetration and Vulnerability TestingAugust 29, 202426
Question and Answer DocumentSeptember 23, 202414

Schedule

DescriptionDate
Quiet Period BeginsAugust 29, 2024
RFP IssuedAugust 29, 2024
Responder Questions DueSeptember 13, 2024, 4:30 p.m. CT
Responses to QuestionsSeptember 20, 2024, 4:30 p.m. CT
RFP Responses Due on or BeforeSeptember 27, 2024, 4:30 p.m. CT
EvaluationsOctober 14- 17, 2024
Interviews/Selection CommitteeOctober 21- 23, 2024
Anticipated Project StartNovember 2024