Closed

Information Security Registered Assessor Program (IRAP) Agent and associated security advice

Tender ID: 533642


Tender Details

Organisation:
Tender #:
DM-19764  
Status:
Closed
Publish Date:
8 August 2023
Closing Date:
11 August 2023

Tender Description

This Tender is invited by the Issuer.

⁠⁠⁠The IRAP Agent will work as a member of the SouthPAN Project and represent the cybersecurity interests of Geoscience Australia and Toitū Te Whenua Land Information New Zealand in its oversight and assurance of the SouthPAN Contractor (Lockheed Martin Australia).

The IRAP Agent will be a client-side contractor (a.k.a ‘above-the-line) in contrast to a capability-side contractor (a.k.a. ‘below-the-line’). The IRAP Agent will review documents, provide security advice and guidance, and conduct assessments of security risk within the framework of the SouthPAN Project.

The IRAP Agent will provide services under a fixed scope arrangement (for MSRs, SecWG participation, and security risk assessments) as well as a Time & Materials arrangement (for ad hoc security advice and guidance).

The IRAP Agent will review security deliverables for:

  • Compliance with the SouthPAN Contract Data Requirements List (CDRL) Data Item Descriptions (DIDs);
  • Assessment of suitability of content regarding system security;
  • Correctness of technical content based on the Agent’s expert judgment and expertise; and
  • completeness, consistency, readability, clarity, and compliance with appropriate standards, handbooks, regulations, and other criteria specified by the SouthPAN Project.

The IRAP Agent will participate in Security Working Groups (SecWG) by:

  • being prepared for each meeting of the SecWG based on the meeting agenda, pre-meetings, and other relevant meeting materials;
  • attending each SecWG and providing verbal/written input as required;
  • progressing SecWG action items at the direction of the SouthPAN Project co-chair; and
  • Provide a debrief and advice to the SouthPAN Project co-chair following each meeting.

The IRAP Agent will contribute to the Security Certification & Accreditation process by:

  • Conducting a review of the compliance of the system baseline with relevant standards and regulations, including the Australian PSPF, NZ PSR, and Information Security Manuals;
  • Assessing the risk of non-compliance, including any proposed ‘alternate means of compliance with security requirements; and
  • Providing briefings to security authorities at GA and LINZ to inform the security accreditation process.

FURTHER DETAIL PROVIDED IN  RFQ REQUIREMENTS



Similar Tenders

Active opportunities matching this tender's categories and regions.