Countermeasures, Inc.
Ultra Information Systems, Inc.
The Terrapin Group LLC
Buddy System

The Buddy System® Methodology (BSM)
for Security Risk Analysis and Management Software for Windows® 95, 98, NT4, 2000P, or XP
USA Commercial Price List – 1 February 2003

Item BSM-1: Comprehensive (single) License... US$14,500.00

Each Comprehensive License Includes:
- The Buddy System Risk Analysis and Management software on CD.
- Two configured and validated datasets (INFOSEC and PHYSICAL).
- Unlimited surveys and dataset configuration capability.
- Non-expiring license.
- Multi-language capability.
- Bound technical documentation.
- Program support with software upgrades and updates for 1 year.
- Two days of training on Risk Analysis methods and the BSM. Course information is provided under Item BSM-1C below. Free at vendor location.*

* For training at client site, client must pay $800.00 plus actual travel cost for 1 person. The vendor will provide a cost estimate once the training location is known.

Commercial multi-copy Comprehensive License prices are calculated as follows:
Price (US$) = 14500 + a{5000*(2/N) + 6000} [ N=2 to x] Where x is the number of copies

Item BSM-1A: Enterprise License... US$TBD*
Enterprise [or multiple copy] licensing for Item BSM-1 [recommended for large organizations] is based on a pre-determined maximum number of Comprehensive Licenses, and on the number of separate training sessions desired. Each license includes one year of support and software upgrades. Contact the vendor for a cost proposal.

Item BSM-1B: Follow on Support... US$2,900.00
This item is 1 year of follow-on support (after the 1st year) for the Item BSM-1. This is 20% of the Item BSM-1 purchase price. For multiple Comprehensive Licenses, ITEM 2 price is 20% of the original purchase price.

Item BSM-1C: 2 Days of Training... US$1,995.00
This item is 2 days of training on Security Risk Analysis Concepts and the BSM (highly recommended when upgrading Item BSM-1, or if untrained on Item BSM-1 as part of initial purchase). For training at client site, client must pay $800.00 plus actual travel cost for 1 person, in addition to the cost of Item BSM-1C.
- Course Title: Security Risk Analysis Concepts & the BSM.
- Course Description: The course contents include security risk analysis term definitions and their relationships to each other, risk analysis procedures, and how to configure and use the BSM risk analysis software.
- Course Format: The format is a combination of lecture (40%), hands-on activities (50%) and discussions (10%). Students will install and execute the BSM software on PC’s.
- Length of Course: Two (2) days. Presented in two consecutive eight (8) hour days.

- Student Prerequisites:
Mandatory: working knowledge of IBM or compatible PC’s and Windows 95 or higher.
- Desirable: fundamental knowledge of security concepts and analysis procedures.
- Class Size:
Maximum for each Option 1: Five (5).
Maximum per session: Twenty (20). [equates to 4 Option 1’s]
Minimum per session: Two (2).
- Course Location(s): The course can be presented at either the vendor’s facilities, or at the client’s site.
- Client Site: For training at client site, client must pay $800.00, plus travel and per diem for one training person. All international travel must be no less than business class airfare.
- Vendor Site: For training at the vendor site, client must pay travel and per diem for their own course attendees.
- Class Schedule: Classes will be scheduled on a case-by case basis. This course is not presented on a regular schedule.

Item WSP-1: Web Survey Setup Package... US$2,495.00
This item is a web-based survey software setup package that allows you to establish a web survey data collection capability on your own internal Windows based web server, running Internet Information Services (IIS). It provides internet or intranet access to client-specific configured datasets for survey [data collection module] completion. User needs only a web browser, such as IE or Netscape. One year of upgrades and support is included.

Item WSP-1A: Follow-On Support... US$748.50
This item is one year of follow-on web survey software setup package support. Follow-on support includes help desk and software upgrades for one year.

Item WSS-1: Web Survey Services US$1,495.00
This item is a web-based Survey (24/7) service that allows you to use an account on our secure server for 1 year. The vendor will establish, and maintain, an account specifically for the client.
This service provides internet access to client-specific configured datasets for survey [data collection module] completion. User needs only a web browser, such as IE or Netscape. Documentation and 1 year of help desk support is included

Item VDC-1: Vendor Dataset Customization US$TBD**
This item is a fully configured and validated BSM dataset developed by the vendor, based on specific requirements provided by the buyer. This option includes hardcopy documentation of the dataset configuration, with appropriate spreadsheets. The vendor will provide a cost estimate after discussion of client requirements.

Item RTU-1: NIST 800-26 Dataset US$5,995.00
This item is a ready-to-use BSM dataset for measuring compliance with NIST Special Publication 800-26 “Security Self-Assessment Guide for Information Technology Systems.” This encompasses OMB Circular A-130 [Section 8B3 and Appendix III], Computer Security Act of 1987, Paperwork Reduction Act of 1995, Clinger-Cohen Act of 1996, PDD-63, OMB Memo 99-88, GAO-FISCAM, NIST 800-14, NIST 800-18, P. L. 106-398 [GISRA], Public Switched Network Security Assessment Guidelines, and FIP Standards.

Item RTU-2: HIPAA Dataset US$7,995.00
This item is a ready-to-use BSM dataset that is capable of measuring compliance with all parts of the Health Insurance Portability and Accountability Act. More information on this dataset is available on request.

thesienagroupllc.com © 2003        Privacy Policy      Terms Of Use