TABLE OF CONTENTS - Department of Public Social Services
TABLE OF CONTENTS - Department of Public Social Services
TABLE OF CONTENTS - Department of Public Social Services
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Los Angeles COUNTY<br />
<strong>Department</strong> <strong>of</strong> <strong>Public</strong> <strong>Social</strong> <strong>Services</strong><br />
LEADER Replacement System (LRS)<br />
6052<br />
6053<br />
6054<br />
6055<br />
6056<br />
6057<br />
6058<br />
6059<br />
6060<br />
6061<br />
6062<br />
6063<br />
6064<br />
6065<br />
6066<br />
6067<br />
6068<br />
6069<br />
6070<br />
6071<br />
6072<br />
6073<br />
6074<br />
6075<br />
6076<br />
6077<br />
6078<br />
6079<br />
6080<br />
6081<br />
6082<br />
6083<br />
6084<br />
6085<br />
6086<br />
f. Physical security measures;<br />
g. LRS hardware security;<br />
h. LRS s<strong>of</strong>tware security, including application code vulnerability;<br />
i. Access policies to all processing environments;<br />
j. User security pr<strong>of</strong>iles, audit trails, and transaction sampling;<br />
k. Physical and logical network management and security, access<br />
controls, event management, and reporting;<br />
l. LRS Data security administration, file server security, LRS Data<br />
structure integrity, virus protection, patch management, backup<br />
and recovery, and LRS Data encryption;<br />
m. Alternate site logical security including the Project Office and<br />
CONTRACTOR network control center; and<br />
n. Internet security, including data transmission.<br />
3. The LRS security processes shall support multiple levels <strong>of</strong> security<br />
and shall support Local Office Site security administration as well as<br />
centralized security administration.<br />
4. The LRS shall include LRS Data integrity security to ensure the<br />
contents <strong>of</strong> a transaction have not been altered in some way by an<br />
unauthorized user.<br />
5. The LRS shall contain appropriate audit and control features, including<br />
access control and LRS Data retention.<br />
6. The LRS shall use an industry-accepted protocol for User<br />
authentication (e.g., Kerberos 5).<br />
7. The LRS shall include the ability to use biometric logon authentication<br />
technology for Users.<br />
8. The LRS shall prevent all but COUNTY-specified Users access to the<br />
LRS.<br />
9. The LRS shall include screens and views based on an individual<br />
User’s security pr<strong>of</strong>ile.<br />
10. The LRS shall ensure that no Disabling Device is placed on, or<br />
contained in, any LRS Component.<br />
11. The LRS shall display a message and a control requiring a User’s<br />
acceptance <strong>of</strong> the terms and conditions <strong>of</strong> use <strong>of</strong> the LRS and LRS<br />
Data, prior to allowing any access to the LRS and LRS Data based on<br />
security pr<strong>of</strong>ile.<br />
LRS RFP - Attachment B (SOR) Page 173 November 30, 2007