My WebLink
|
Help
|
About
|
Sign Out
Browse
Search
Agmt25 AARC Consultants, LLC
RedwoodCity
>
City Clerk
>
Agreements
>
2020-2029
>
2025
>
Under $108K
>
Agmt25 AARC Consultants, LLC
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
6/16/2025 1:06:44 PM
Creation date
6/16/2025 1:06:39 PM
Metadata
Fields
Template:
Agreement
RMP File Number
304.5
Date
6/6/2025
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
20
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
Show annotations
View images
View plain text
REV: 05-27-25 LF <br />•A comprehensive evaluation based on NIST, NERC–CIP, DHS–CISA, <br />and AWWA standards. <br />•Identifies gaps in cybersecurity for: <br />o IT/SCADA access controls <br />o Network architecture and firewall vulnerabilities <br />o Social engineering risks <br />o Wireless/mobile communication and SCADA–enterprise network <br />interactions. <br />This assessment will provide actionable insights into cybersecurity weaknesses, <br />offering mitigation strategies and prioritized recommendations to enhance the <br />City’s cybersecurity resilience. <br />•Utility Resilience Index (URI): Measure the reliability, redundancy, and <br />adaptability of critical utilities, such as power, water, and communication systems. <br />The Utility Resilience Index (URI), as part of the J100 Standard, will be used as a <br />decision–support tool to assess resilience based on operational and financial <br />indicators. <br />2.3 – Hold Review Meeting and Presentation <br />Consultant shall evaluate potential threats (natural, human-made, and cyber-related), <br />assess vulnerabilities, and determine the resilience of essential assets. The assessment <br />covers physical security, cybersecurity, and utility resilience, providing a comprehensive <br />understanding of risks. The assessment covers physical security, cybersecurity, and <br />utility resilience, providing a comprehensive understanding of risks. It incorporates <br />scenario-based analysis, stakeholder engagement, and compliance with industry <br />regulations. The final RRA delivers actionable recommendations to enhance <br />preparedness, response, and recovery capabilities, ensuring long-term operational <br />continuity and resilience. <br />Consultant shall conduct a review meeting to examine the draft RRA, ensuring alignment <br />with objectives and stakeholder and City’s expectations. During the meeting, Consultant <br />shall present an overview of the draft RRA. Participants will provide feedback, discuss <br />concerns, and suggest improvements. <br />2.4 – Address Review Comments <br />Consultant shall respond to comments, address questions and feedback, and make <br />necessary revisions to refine the final product. This iterative approach enhances <br />accuracy, clarity, and effectiveness, ensuring that all stakeholders and City’s input is <br />considered before final approval. <br />2.5 – Finalize RRA <br />Consultant shall develop a final RRA after incorporating City’s feedback, refining risk <br />evaluations, and validating resilience strategies. This document will provide a <br />comprehensive analysis of critical assets, potential threats, vulnerabilities, and mitigation <br />ATTY/AGR.2025.124/AARC Consultants, LLC(RRA and Update to ERP 2025) (Page 13 of 20)
The URL can be used to link to this page
Your browser does not support the video tag.