I suspect it varies greatly depending upon the services provided, and undoubtedly from vendor to vendor.
Why don't you ask? If you are considering security assessments from three vendors, it would be reasonable to ask - what services and deliverables were proposed? - what the cost would be for those services? - was that cost figure an estimate against a number of hours, or a fixed bid? I suspect most such contracts contain a confidentiality clause, I doubt that most of the sysprogs on this list were involved in financial negotiations, and I doubt most mainframe shops would be willing to name a figure here. In any event a number would be worthless without knowing what services were provided, and the quality of those services. Disclaimer: Neither I nor my employer are in the business of security assessments, but we have various business relationships with firms that do. Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of x ksi Sent: Sunday, August 14, 2016 7:52 PM To: [email protected] Subject: Mainframe's security assessments costs Hey group. I was wondering if some of you could share some information about the costs various companies charged you for performing security assessment of your mainframes? At this point literally any information will be valuable (e.g. hourly rate, particular engagement cost, order of magnitude for this type of engagements etc.). From what I can tell there are companies providing such services but their prices seem to be a one big mystery. Having even a rough estimation would allow to better choose between various providers. Thank you in advance. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
