VITL is seeking written proposals from individuals or firms with a deep understanding of the Minimum Acceptable Risk Standards for Exchanges (MARS-E), to augment VITL staff in adapting its existing NIST CSF security program framework to meet the expectations of the MARS-E.
Key elements of those projects would include:
• Evaluating existing security and privacy controls and their conformance with MARS-E requirements
• Documenting gaps in existing policy and procedure and developing proposed actions plans for remediating those gaps
• Support for implementing new policy, procedures and documentation identified in the action plan
• Training for staff with roles in MARS-E compliance
