Item Coversheet

CITY OF HOUSTON - CITY COUNCIL

Meeting Date: 9/29/2015
ALL
Item Creation Date: 9/15/2015

HIT-PCI Compliance

Agenda Item#: 27.


 
                               
Summary:

ORDINANCE appropriating $500,000.00 out of Equipment Acquisition Consolidated Fund for Payment Card Industry Compliance Remediation Project for Houston Information Technology Services; providing for expenses relating to the project for the purchase of hardware, software, and professional services

Background:

Subject:  Approve an Ordinance to Appropriate Funds from the FY2016 Equipment Acquisition Consolidated Fund (1800) the Payment Card Industry (PCI) Compliance Remediation Project for Houston Information Technology Services.

 

SPECIFIC EXPLANATION:

The Chief Information Officer recommends that City Council approve an ordinance to appropriate $500,000.00 from the FY 2016 Equipment Acquisition Consolidated Fund (1800). This appropriation is budgeted in the FY2016 Capital Improvement Plan Budget adopted by City Council on July 8, 2015. Houston Information Technology Services (HITS) will follow all procurement policies and procedures and will come back to Council for approval as needed for purchase of various products, services and hardware supporting the Payment Card Industry (PCI) Compliance Remediation Project.

 

The Payment Card Industry (PCI) Compliance Remediation Project originated as an outcome of the annual PCI Compliance Audit completed in 2014. The results of the audit identified a number of deficiencies requiring mitigation or remediation. In support of the policies, procedures and practices initiated by EO 1-48, this appropriation will be used to purchase hardware, software and professional services to ensure that the City’s process of storing and transmitting credit card information are secured.

 

The estimated purchases with approximate allocations are as follows:

 

Hardware - The hardware needed for this project will include but are not limited to: cellular routers, credit card terminals, misc. network adapters and PCI compliant internal scanning system. HITS will work with the Strategic Purchasing Division (SPD) to procure the hardware, and HITS will come back to Council and request purchasing approval as needed. - $240,000.00

 

Software - The requested software purchase is for an Enterprise Cloud Management system. The system will enable convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction to meet security, governance and compliance requirements. - $10,000.00  

 

Professional Consulting Services - Professional consulting services will include: Remediation Design, Implementation, Documentation and Support Services, as well as PCI Compliance External Scanning Services. These services will be procured through an existing contract with Virtuo Group Corporation for an estimated total amount of $250,000.00.

 

PROJECTED COSTS:

Once the Payment Card Industry (PCI) Compliance Remediation Project is fully developed and implemented, the annual maintenance and support costs will be budgeted on an annual basis.  

 

WBS # X-640012*

Amount of Funding:
$500,000.00 - Equipment Acquisition Consolidated Fund (1800)
Contact Information:

Somayya Scott

(832) 393-0082

ATTACHMENTS:
DescriptionType
Request for Council Action (RCA) FinalSigned Cover sheet