Closed

IT Security Assessment

Tender ID: 569109


Tender Details

Tender #:
DM-25944  
Status:
Closed
Publish Date:
4 October 2024
Closing Date:
18 October 2024

Tender Description

This Tender is invited by the Issuer.

Conduct a cloud security assessment of a Power Platform based web application that includes assessment of associated Network, Azure and M365 controls.

The assessment will deliver the following document suite using the NHMRC supplied format:

  • System Security Plan Annex (Cloud Controls Matrix)
  • System Security Plan
  • Security Risk Management Plan
  • Continuous Monitoring Plan
  • Incident Response Plan

Evidence gathering is expected to include Design and As-Build Documents, interviews and direct sighting of system configurations (Appropriate access will be provided).

The assessment is expected to take approximately 6-8 weeks (plus 1 week for certification review) when conducted by a suitably qualified or experienced assessor (IRAP Assessor preferred but not essential).

A security clearance at the PROTECTED level is required for all personnel.

For further detail, refer to attached Statement of Requirements.

What are the working arrangements?

Evidence gathering can be conducted at the discretion of the vendor if the assessment is completed within the allowed time. Weekly reporting to the IT Security Advisor (ITSA), the Certification Officer, is required, and an additional week will be allowed for changes after certification review.



Icon
Interested to find more tenders relevant to you and your business? You can try our advanced tender search today.