Public administrations will be able to use the new tool dedicated to IT systems also to acquire services intended to finance projects on "digitization, innovation and security" of the PNRR 27 May 2022 A. S.
Put public administrations in a position to acquire security services, in line with the indications of the Three-Year Plan of Informatics in the PA, also for the realization of PNRR projects, specifically those of component 1 ("Digitization, innovation and security in the PA") of mission 1 ("Digitization"). This is the objective of the new contract that enriches Consip's offer of cybersecurity services, with the activation of lot 2 of the "Remote Security Services" Framework Agreement, worth 117 million euros, which provides "compliance and control" services, aimed at identifying the state of the security of the information system, defining the cyber security strategy, to identify safety needs. Specifically, the contract provides Security Strategy services, which allow the definition of strategic choices concerning the governance of information security, organizational, technological and needs in the field of IT Security, and Vulnerability assessment, with the definition of a process aimed at identifying and classifying risks and vulnerabilities, in terms of security, of the information system. Added to this is code testing, identifying software vulnerabilities early in the lifecycle, so you can eliminate them before deployment, and support for incident analysis and management, with incident analysis and disclosure activities in the event of an emergency. To conclude the package there are penetration testing, to exploit the vulnerabilities detected in order to determine the degree of security of the information system, and compliance, with the analysis of compliance of the information system with norms, rules, standards or policies. The "multi-supplier" framework agreement, under all fixed conditions, has as its contractor the temporary network of companies composed of Deloitte Risk Advisory, Ey Advisory and Tele-co for local administrations, with a contract value of 200 thousand euros, and the temporary network of companies composed of Intellera Consulting, Capgemini Italia, Hspi and Teleconsys for central administrations, with a contract value of 800 thousand euros. The new contract, explains Consip in a note – joins the one already active since March for security services "on premises" (at the customer's premises), for the protection of data and applications in use by the PA, through which administrations can acquire products for the management of security events and access, for the protection of email, web and data channels.