Link to Consultant Opportunities Home Page Link to Consultant Opportunities Home Page Link to Consultant Opportunities Overview Link to Consultant Opportunities Contact Us
The The Consultant Connection Home Page The The Consultant Connection Home Page CityLink Seattle
Welcome to The Consultant Connection Blog
«    »

Search for posts


Recent Posts

September 2015



Quick Links

CLOSED-RFP – Informal Solicitation for PCI Qualified Security Assessor Services, RFP-FAS-91415

Original Date Posted: September 15, 2015 9:02 am

Due Date: 10/5/2015

City of Seattle PCI Compliance Program

Request for Proposals – Informal Solicitation

For PCI Qualified Security Assessor Services

Click here for the full RFPposted 9/15/2015

Consultant must be approved to the City’s Consultant Roster under the IT – Payment Card Industry Compliance Assessment category by the submittal due date.  See additional qualifications below and in the full RFP:

City Contact:

Nicholas Ziesmer, PCI Program Manager:

(206) 727-8433


Schedule: A breakdown of this solicitation’s timeline of events is provided below. The City reserves the right to modify this schedule at its discretion. Notification of any change will be communicated via the City Contact to the selected City Roster Consultants (“Firms”).


Solicitation Release Monday, 09-14-2015
Deadline for Non Disclosure Agreement submissions (see Attachment A) Thursday, 09-24-2015
Deadline for written Q&A submissions Thursday, 09-24-2015
Q&A Responses Published to Proposers Monday, 09-28-2015
Deadline for Written Proposals(see Attachment B)


Monday, 10-5-2015
Evaluation of Written Proposals and Reference Checks Week of 10-5-2015
Announcement of Finalist Proposers Tuesday, 10-13-2015
Interviews with Finalist Proposers Week of 10-26-2015
Announcement of Successful Proposer Tuesday, 11-10-2015
Finalize Contract / SOW Monday, 11-23-2015
Contract Execution(See Attachment C)


Tuesday, 12-1-2015
Services Start Date Tuesday, 3-1-2016


Unless authorized by the Project Manager, no other City official or employee may speak for the City regarding this solicitation until award is complete. Any Proposer contacting other City officials or employees does so at Proposer’s own risk. The City is not bound by such information.

Background: The City of Seattle is a Level 1 PCI entity, performing more than 12M credit card transactions annually, totaling more than $400M. The City received its most recent PCI Attestation of Compliance on June 30, 2015.

Environment. Please refer to the separately provided City of Seattle PCI Background Information document. This document is confidential and exempt from public disclosure. A non-disclosure agreement must be signed prior to receiving access to this information (See Attachment A).

Purpose: The City is engaged in an ongoing effort to sustain PCI compliance, and intends to select a Qualified Security Assessor for 2016. The City may explore the option of extending these services to 2017-2018.


  1. Mandatory Qualifications.
    1. Have completed an assessment and corresponding Report on Compliance under PCI DSS 3.0 or higher.
    2. Ability to meet City’s timeline – to be provided in later section.
    3. Demonstrated experience working in a similarly large, complex, highly distributed IT environment.
    4. Experience working with Level 1 PCI merchants.
    5. Approval to City Consultant Roster for Information Technology – Payment Card Industry Compliance Assessment category.
  2. Desired Qualifications.
    1. Experience working in a public sector environment.
    2. Excellent communication (written and oral).
    3. Demonstrated bench strength of qualified QSA consultants with relevant experience conducting PCI DSS 3.0 or greater RoC assessments.

© 1995-2022 City of Seattle