Download complete service offering doc format of eo504_compliance_serivce_definition.doc

 

1. Description of Service

ITD's EO504 Compliance Service provides agencies with access to the on-line Compliance Application for submitting and reporting agency Information Security Program (ISP), Electronic Security Plan (ESP) and their annual Self-Audit Questionnaire (SAQ). The EO504 Compliance Application is only accessible from inside MAGNet. Once authorized, users can access this application through this EO504 Application link.
 

This service allows authorized users to submit and update EO504 submissions online. Please see Executive Order 504 Service Support for user support and guidance. Authorized access to the Compliance Application is granted to agency users when the agency head or agency Information Security Officer (ISO) requests a user application account through ITD's Security Office. For more information please see Executive order 504 and Executive Order 512.

Support services include:


2. Service Targets/Hours of Availability

Service Requirement

Description

Service Availability

Service is available 24x7.

Request Fulfillment*

Staff will respond to service requests during the hours of 9:00 am - 5:00 pm Monday through Friday excluding holidays. Customers can make requests through COMiT.

Incident Management*

ITD Service Management Office has standard processes to manage incidents, requests and changes.

Outages or urgent issues should be reported by phone to receive the quickest response 1-866-888-2808.

*Incidents, requests, or changes that are outside the scope of the defined service description or normal service hours will be direct charged to the customer.

 

3. Service Reporting

Report

Description

Reporting Interval

Application Documentation

Information submitted within the Application.

Within Application

Dashboard

A Dashboard is available for each agency to review submitted information

Within Application

 

4. Service Requests

COMiT Service Requests

Description

Lead Time-Business Days

   

Request System Access*

Requesting access to the application (by user role).

3-5 Days

Request System Training*

Training on how to use this service.

Up to 21 Days

*Please work with your Service Account Manager to process requests for these services.

 


5. Customer Responsibilities

Per Executive Order 504, the Agency Information Security Officer and the Department Head must sign and attest to the Agency Self-Audit Questionnaire (SAQ).

For your convenience, you may also view a detailed list of customer responsibilities.

 

6. Chargeback Rate Information

For more information on Chargeback, including an overview of the program as well as current and previous fiscal year rates, please visit our Chargeback Services webpage.

Cost Framework: E0504
Direct Costs:
Direct Dedicated Resources:

 

Salaries (AA) and Fringe (DD) Costs, Contract Support (HH/U05)
No.DescriptionCostAssumptions
/Comments
2aSalaries (AA) and Fringe (DD) Costs, Contract Support (HH/U05)

$23,468

.35 FTEs

 Total Salaries (AA) and Fringe (DD) Costs, Contract Support (HH/U05)$23,468 

 

 

Hardware/Software/Contracts (UU, LL, etc.)
No.DescriptionCostAssumptions
/Comments
2bDell Software-Legato for EO-504 Application

$303

 
 Dell Software-Networker for Exec. Order 504 Project$100 
 

Other Costs, Re-classifications, Adjustments

$4

 
 Total Hardware/Software/Contracts (UU, LL, etc.)$407 
 

 

Shared ITD Data Center Services
No.

Service Offering

Rate CodeTitleRate#UnitsCost
4Data - Data Backup and RecoverySG100 

$0.2275

780

$177

 Data - Silver (Clarion Auto-Tier FC, SATA)SF0C0 $.0170115,705$1,967
 Hosting - Shared VMWare Platform SupportSV350 $16060$9,600
 Hosting - Windows OS SupportSV210 $20360$12,180
 

Total Indirect Shared Costs

    

$23,924

Allocated Costs:
Allocated Costs Not Specific to Service
No.DescriptionCostAssumptions
/Comments
5Allocated Costs Not Specific to Service

$2,555

 

 Total Allocated Costs Not Specific to Service

$2,555

 

  

Total expenses for E0504

$50,355

 

Rates pertaining to this service offering include:

Rate Code

Title

Billable Unit

Planned FY2013 Units

Cost

FY 2013 Rate

SU070Security -Security 504 ComplianceEach Year

69

$50,355

$730

 

Download the cost framework for E0504 pdf format of E0504 2013
Download a complete listing of chargeback rates xlsx format of fy13 chargeback
 

Updated December 10, 2012
Published August 31, 2011
Created August 31, 2011: Information provided by the Security Office