Request for Information Questionnaire (RFIQ)

Security Posture Assessment (SPA)

1. Applicant Details
a. Name: Ruddy Kurniawan

b. Position: IT Security

c. Name of organization: Asuransi Etiqa Internasional Indonesia

d. Telephone No: 081213020031

e. Email: ruddy.kurniawan@etiqa.co.id

2. General Information
a. Name of organization: PT Asuransi Etiqa Internasional Indonesia

b. Total no. of employees:

c. Total no. of office sites/location: 9

d. What is the nature of your business?: Insurance

3. Qualifying Questions
Where is the assets hosted (On-premise, 3rd Party Hosting Provider or Cloud Platform)? On-
a.
premise

If the assets are hosted at a 3rd Party Hosting Provider or a Cloud Platform, please indicate which
hosting plan did you subscribe to?
b. (3rd Party Hosting Providers and Cloud Platforms only allow penetration tests to be conducted under specific
criteria and requirements. For example, lower/basic hosting plans do not allow penetration tests to be
conducted)

What is the total number of IT assets relevant to the scope of SPA?

c (IT assets include servers, network devices & security devices)

3 (three) assets

Based on item 3c. (total number of IT assets), how many are accessible from the public?
(i.e. has Public IP addresses)
d.
103.22.250.141
103.22.250.139

Confidential © 2020 Nexagate Sdn Bhd. All Rights Reserved. Version 1.0
 Based on item 3c. (total number of IT assets), please separate the assets according to the following
e.
list:

i. Number of servers: 1

ii. Number of network devices: 1

iii. Number of security devices: 1

iv. Others:
(please specify)

f. How many Databases are within the scope of the SPA?

g. How many Web Application are in the scope of the SPA?

h. How many physical sites are involved?)

i. Based on item 3h, please list down the location(s) of each site.

i.
ii.
iii.

j. How many Mobile Applications are in the scope of the SPA?

Based on item 2j, which platforms are the Mobile Application running on?
k.
(i.e.: iOS, android, windows, etc. Please include the respective version as well)

android

Confidential © 2020 Nexagate Sdn Bhd. All Rights Reserved. Version 1.0
l. How many Wireless Access Point(s) are within the scope of the SPA?

N/A

Is Knowledge Transfer part for the scope of the SPA Scope? (Yes/No)? If Yes, what are
m.
you suggested topic(s) of interest?

Yes

4. Additional Scope of Work

a. Please select from the list below, other additional SPA services that you might be interested in.
Information Security Policy Review Physical Security Review

Application Load / Stress Test Security Devices Testing

IPV 6 Readiness Assessment Data Loss Risk Assessment

Capture The Flag (CTF)Simulation Hardening Workshop

Network Architecture Review Social Engineering

Network Performance Test Post Review

Confidential © 2020 Nexagate Sdn Bhd. All Rights Reserved. Version 1.0