The solutions and services for the G2G Marketplace were selected through a standard procurement process using generally accepted purchasing practice and guidelines with Oakland County, MI.
Oakland County, MI follows all generally accepted government standard purchasing process. The Request for Qualifications document is listed below for your reference.
Types of solutions
The G2G Marketplace offers a variety of solutions ranging from cloud computing to ecommerce to security. To view and have full access to the solutions and services, please
Government agencies can register and utilize the solutions and services offered in the G2G Marketplace. A government agency includes: States, Counties, Cities, Villages, Townships, Courts, Schools, Libraries, Police Departments, Fire Departments, Etc. Due to state law, we do not allow non-profit agencies to participate in the G2G Marketplace.
Vendors Interested in CySAFE
In the world of cyber security, organizations often struggle to keep pace with an ever-changing threat environment. CySAFE was created through a collaborative effort, driven by five Michigan counties and the State of Michigan to develop a free IT security assessment tool to help small and mid-sized organizations assess, understand and prioritize their basic IT security needs.
CySAFE was created from three well-known IT security frameworks: 20 Critical Controls, ISO 27001 and NIST. The goal was to combine the 400+ controls from all three frameworks into one condensed list, removing any redundant controls and assess the controls against the organization's current IT security capabilities. Next, the master list of 35 controls were evaluated over three key factors – cost to implement, time to implement and risk – and were assigned a number based on each key factor.
Changes in CySAFE 2.0
There were three major changes to CySAFE 2.0: 1) Creation of CySAFE Workbook 2) Addition of "Summary of Controls" 3) CySAFE was updated to reflect the changes made to the three frameworks (20 Critical Controls, ISO 27001 and NIST) along with feedback received by the organizations using the CySAFE framework for the past three years. Six controls were deleted and five controls were added. The five new controls are:
- Email and Web Browser Protections
- Penetration Tests and Red Team Exercises
- Physical And Environmental Security
- Monitoring and Review of Third Party Services
This document is provided as a supplementary guide to the CySAFE Security Assessment tool.
Users can use this document to:
- Implement actual controls in their organization
- Establish a RACI Matrix for those controls
- Document the future initiatives planned to improve the security