AEPA is a national cooperative of education purchasing professionals representing lead agencies in their respective states.

Currently, AEPA consists of 31 member states who competitively bid contracts that are tailored to meet each state’s specific legal requirements. Awarded contracts are available statewide and facilitated by one cooperative member agency acting as the contract administrator. They will help you with any questions regarding the contract and provide any support documentation you need in order to purchase off the contract.

Please note that contracts are also available in non-member states through piggyback contract options. Download a complete member contact listing.

AL AK AZ AR CA CO CT DE FL GA HI ID IL IN IA KS KY LA ME MD MA MI MN MS MO MT NE NV NH NJ NM NY NC ND OH OK OR PA RI SC SD TN TX UT VT VA WA WV WI WY DC
Is your service agency interested in becoming a member of AEPA?
Click Here For Application

Caetra.io

Contact: Michael Compisi Work Phone: 833-955-4900 Website: https://caetra.io/
Details

CyMetric is a one-stop shop for understanding, documenting and communicating the strategy, accountability, activities and status of an organization’s cybersecurity program. Organizations in any industry, of any size or location can leverage CyMetric to support their cybersecurity and privacy initiatives.  The CyMetric platform is a centralized repository that:

  • Defines activities and tactics that satisfy regulatory, insurance, and contractual requirements written in language technology resources understand
  • Supports the documentation of the cybersecurity and privacy program components that organization leadership, state agencies or other interested stakeholders require
  • Directly ties network, security, and operational processes organizations implement to elements of a cybersecurity framework, compliance obligation, insurance requirement or any contractual/auditor requirement
  • Enables the self-assessment or third-party assessment of the cyber program to identify and prioritize risk as well as document remediation strategies to address risk
  • Produces reports that communicate the status of the program from asset inventory to compliance with regulatory requirements
  • For stakeholders who are less technologically focused, CyMetric provides a risk communication mechanism to understand where risk exists within their environment and visualize program status via reports and graphical dashboards
  • Helps identify gaps and risks in the cybersecurity program model that need to be addressed and prioritized which can quantify budgetary and resource requests
  • Demonstrates progress of the cybersecurity program over time at the organizational or individual system level
  • Adapts to changes in mapped state privacy laws or its requirements by proactively delivering updated program recommendations reflecting guidance from Caetra.io’s law firm parent organization, Harris Beach PLLC

Organizations who use CyMetric can choose between industry standard controls and tactics suggested by National Institute of Standards and Technologies (NIST) SP 800-53 publication, NIST CSF, NIST Privacy Framework, the Center for Internet Security (CIS) v8.1, ISO 27001, or industry specific guidance from CISA and for school districts, COSN TLE. Any custom controls that address privacy, notification or other unique requirements of the state specific regulations were written and validated by the attorneys at our business partner, the Harris Beach PLLC law firm.

 

 

Notes
BID 2025

Bid recommended for approval in December 2024. Contract and extensions possible through March 2029.

Download Vendor Response

Members