File #: 23-0812    Version: 1 Name:
Type: Consent Calendar Item Status: Agenda Ready
File created: 7/20/2023 In control: Board of Directors
On agenda: 8/8/2023 Final action:
Title: Approve the Agreement No. A4759A, with Burns & McDonnell Engineering Company, Inc., to Provide SCADA Cyber Security Auditor Services in Support of the SCADA Cyber Security Vulnerability Assessments Project, Project No.73271004, PlanetBids File No. VW0141, for a Not-to-Exceed fee of $797,357.
Attachments: 1. Attachment A: Gov. Code §84308, 2. Attachment 1: Agreement, Burns & McDonnell

BOARD AGENDA MEMORANDUM

 

Government Code § 84308 Applies:  Yes    No 
(If “YES” Complete Attachment A - Gov. Code § 84308)

 

SUBJECT:

Title

Approve the Agreement No. A4759A, with Burns & McDonnell Engineering Company, Inc., to Provide SCADA Cyber Security Auditor Services in Support of the SCADA Cyber Security Vulnerability Assessments Project, Project No.73271004, PlanetBids File No. VW0141, for a Not-to-Exceed fee of $797,357.

 

 

End

RECOMMENDATION:

Recommendation

Approve the Standard Consultant Agreement A4759A with Burns & McDonnell Engineering Company, Inc., to provide SCADA Cyber Security Auditor services in support of the SCADA Cyber Security Vulnerability Assessments Project, PlanetBids File No. VW0141, for a not-to-exceed fee of $797,357.

 

 

Body

SUMMARY:

Burns & McDonnell Engineering Company, Inc. will be tasked with assessing Santa Clara Valley Water District’s (Valley Water) cyber security controls of our Internet, corporate and SCADA environments. These assessments will be performed annually for 3 years with the possibility of a yearly extension for an additional 2 years. The assessment reports shall identify the vulnerability assessment process, document the assessment results with a focus on areas of high potential risk, recommend actions on how to remediate or mitigate vulnerabilities and provide actionable information.

 

Consultant Selection Process:

 

Prior to publishing the Request for Proposal (RFP), staff conducted outreach to 431 firms that were registered under the National Institute of Governmental Purchasing, Inc. (NIGP) Category Codes; under category code 91871 - IT Consulting category, which is one of 11 targeted categories within Valley Water’s Procurement Portal, PlanetBids (PB).  Staff also issued advertisements in the SJ Post and SBEINC.com prior to publishing the RFP.

 

On August 3, 2022, staff published an RFP for SCADA Cyber Security Auditor services by sending it to 431 firms that were registered under NIGP Category Codes; 91871 - IT Consulting, which is one of 11 targeted categories within Valley Water’s Procurement Portal, PB.

 

A total of five (5) proposals were received on September 2, 2022, from the following consultant firms, Burns & McDonnell (1898 & Co. | Part of Burns & McDonnell), GHD, Inc., Guidepost Solutions, Simply Secure, LLC and Stive Consulting. Of the total of 431 firms informed of the solicitation, 42 firms confirmed to be prospective bidders in the Valley Water Procurement Portal.

 

An Evaluation Committee (EC), consisting of four (4) panelists from Valley Water with subject matter expertise with SCADA Cyber Security experience, evaluated and ranked the written proposals.  Based on the technical evaluations, the EC recommended that staff proceed with all three highly ranked firms, GHD, Inc., Guidepost Solutions and Burns & McDonnell (1898 & Co. | Part of Burns & McDonnell), for contract negotiations.

 

Negotiations with Burns & McDonnell (1898 & Co. | Part of Burns & McDonnell) has been completed successfully. Staff recommends Board approval of the Standard Consultant Agreement with Burns & McDonnell, to provide SCADA Cyber Security Auditor services, for a not-to-exceed aggregate fee of $797,357.

 

 

ENVIRONMENTAL JUSTICE IMPACT:

There are no Environmental Justice impacts associated with this item.

 

 

FINANCIAL IMPACT:

The Information Security Admin Project (Project), Project No. 73271004, is included in the Fiscal Year 2023-24 Adopted Budget. The three-year consultant agreement cost is $797,357 and there is adequate funding in the Project’s Fiscal Year 2023-24 budget to encumber the cost of the agreement. Future agreement extension costs will be included in the biennial budget process and recommended by staff during the annual fiscal year budget process. The Project is funded through the Information Technology Fund (Fund 73).

 

 

CEQA:

The recommended action does not constitute a project under CEQA because it does not have a potential for resulting in direct or reasonably foreseeable indirect physical change in the environment.

 

 

ATTACHMENTS:

Attachment A: Gov. Code 84308

Attachment 1: Agreement, Burns & McDonnell

 

 

UNCLASSIFIED MANAGER:

Manager

Alexander Gordon, 408-630-2637



Notice to Public:

The Santa Clara Valley Water District publishes meeting agendas two Fridays prior to regular meetings, and publishes amended and special meeting agendas one Friday prior. During the process of amending an agenda, individual links to Board Agenda Reports may not be available. In these cases, please reference the “Full Agenda Package” instead.