Summary
A government authority in Columbus, Ohio is soliciting proposals for an independent external IT security assessment to review IT security governance, map capabilities to the NIST Cybersecurity Framework (CSF) 2.0, identify gaps and risks, and produce a maturity roadmap with recommendations. Deliverables include program discovery, NIST CSF 2.0 assessment and mapping, gap analysis and risk considerations, and an executive readout plus a leadership workshop. The posting restricts eligibility to onshore (U.S.) organizations, specifies offsite performance of work, and lists an expiry date of July 15, 2026.