Proposal to provide security documentation on financial application platforms
Tender ID: 418142
Tender Details
Tender Description
This Tender is invited by the Issuer.
The Department of the Treasury is looking to engage a Security consultancy to perform a risk assessment on two of its financial systems. The focus of the security risk assessment is on SaaS systems – Expense 8 and Tech One.
The works include examining access to these systems from Treasury endpoints including mobile, VDI, desktops and laptops, interstate and overseas connections.
We have an SRMP and SSP for Tech One that needs to be reviewed and updated since the original review in 2016. An SOA also has to be provided for this system.
Expense 8 has previously never been reviewed by the Department. There is a Travel and Expense module used by the Department. We have a reference document for Expense 8 from another agency with a similar implementation to the Treasury.
In scope of works is to perform a Security Risk Management Plan (SRMP), a Statement of Applicability (SOA) and a Security System Plan (SSP) for each system.
Integrations
Tech One
Tech one transfers files to and receives files from a number of systems via sFTP. These include Treasury’s payroll system Aurion and Expense8, Treasury’s travel and expense management system. In addition, Treasury send payment files to a Government Banking institute via sFTP.
Treasury also uploads PDF copies of supplier invoices to TechnologyOne via a third party PDF reader. These files are transferred using Web services.
Expense 8
Expense8 also receive files from the Treasury’s payroll system and TechnologyOne via sFTP.
In addition, our credit card provider upload daily transactions files to Expense8 via sFTP.
Location
Similar Tenders
Active opportunities matching this tender's categories and regions.