Browse
Search
2024-054-E-AMS-TMA Systems -MobileTMA Go Upgrade
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2020's
>
2024
>
2024-054-E-AMS-TMA Systems -MobileTMA Go Upgrade
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
2/13/2024 9:18:09 AM
Creation date
2/13/2024 9:16:33 AM
Metadata
Fields
Template:
Contract
Date
1/8/2024
Contract Starting Date
1/8/2024
Contract Ending Date
1/29/2024
Contract Document Type
Contract
Amount
$4,194.00
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
165
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
LAND MANAGEMENT CENTRAL PERMITTING SYSTEM Orange County, NC <br />Appendix F <br />VENDOR GENERAL SYSTEM INFORMATION <br />Vendor Name: TMA Systems, L.L.C. <br />TMA Response: <br />WebTMA SaaS - after a customer receives their username and password, they receive <br />one month warranty. Usually they receive their username and password before training <br />with the consultant. <br />WebTMA Client Hosted - 3 month warranty after implementation. This is when the <br />software is on the client's server. <br />Please describe the software patch delivery policy and process. <br />Respond: <br />TMA Response: TMA System’s Patch Management is to ensure that data is protected against malware <br />threats, such as viruses, Trojans, and works which could adversely affect the security of the systems or <br />data entrusted on TMA’s systems. Effective implementation of this policy will limit exposure and effect of <br />common malware threats to the systems. <br />• The primary scheduling guidelines and plans exist as a comprehensive patch management program. First, <br />a daily patch cycle exists that guides the normal application of patches and updates to systems. This cycle <br />does not specifically target security or other critical updates. Instead, this patch cycle is meant to facilitate <br />the application of standard patch releases and updates. This cycle is time based and when appropriate is <br />event based; for example, the schedule can mandate that certain system updates occur quarterly, or a <br />cycle may be driven by the release of service packs or maintenance releases. In either instance, <br />modifications and customizations can and should be made based on availability requirements, system <br />criticality, and available resources. <br />• The secondary scheduling plan deals more with critical security and functionality patches and updates. <br />This plan helps the organization deal with the prioritization and scheduling of updates that, by their nature, <br />must be deployed in a more immediate fashion. A number of factors are routinely considered when <br />determining patch priority and scheduling urgency. Vendor-reported criticality (e.g. high, medium, low) is a <br />key input for calculating a patch's significance and priority, as is the existence of a known exploit or other <br />malicious code that uses the vulnerability being patched as an attack vector. Other factors that should be <br />taken into account when scheduling and prioritizing patches are system criticality (e.g. the relative <br />importance of the applications and data the system supports to the overall business) and system exposure <br />(e.g. DMZ systems vs. internal file servers vs. client workstations). <br />F - Vendor General System Appendicies B-J <br />DocuSign Envelope ID: D1041CA6-DBD4-42BE-8B32-7C592BF2BA15DocuSign Envelope ID: 3E613CA5-0A37-4CD3-890F-47CC5E2F38B1
The URL can be used to link to this page
Your browser does not support the video tag.