Information Security Registered Assessor Program (IRAP) Agent and associated security advice
Tender ID: 533642
Tender Details
Tender Description
This Tender is invited by the Issuer.
The IRAP Agent will work as a member of the SouthPAN Project and represent the cybersecurity interests of Geoscience Australia and Toitū Te Whenua Land Information New Zealand in its oversight and assurance of the SouthPAN Contractor (Lockheed Martin Australia).
The IRAP Agent will be a client-side contractor (a.k.a ‘above-the-line) in contrast to a capability-side contractor (a.k.a. ‘below-the-line’). The IRAP Agent will review documents, provide security advice and guidance, and conduct assessments of security risk within the framework of the SouthPAN Project.
The IRAP Agent will provide services under a fixed scope arrangement (for MSRs, SecWG participation, and security risk assessments) as well as a Time & Materials arrangement (for ad hoc security advice and guidance).
The IRAP Agent will review security deliverables for:
- Compliance with the SouthPAN Contract Data Requirements List (CDRL) Data Item Descriptions (DIDs);
- Assessment of suitability of content regarding system security;
- Correctness of technical content based on the Agent’s expert judgment and expertise; and
- completeness, consistency, readability, clarity, and compliance with appropriate standards, handbooks, regulations, and other criteria specified by the SouthPAN Project.
The IRAP Agent will participate in Security Working Groups (SecWG) by:
- being prepared for each meeting of the SecWG based on the meeting agenda, pre-meetings, and other relevant meeting materials;
- attending each SecWG and providing verbal/written input as required;
- progressing SecWG action items at the direction of the SouthPAN Project co-chair; and
- Provide a debrief and advice to the SouthPAN Project co-chair following each meeting.
The IRAP Agent will contribute to the Security Certification & Accreditation process by:
- Conducting a review of the compliance of the system baseline with relevant standards and regulations, including the Australian PSPF, NZ PSR, and Information Security Manuals;
- Assessing the risk of non-compliance, including any proposed ‘alternate means of compliance with security requirements; and
- Providing briefings to security authorities at GA and LINZ to inform the security accreditation process.
FURTHER DETAIL PROVIDED IN RFQ REQUIREMENTS
Location
Queensland : Cairns & Far North Queensland : Gladstone : Mackay Whitsunday Region : Mount Isa & North West Region : Rockhampton : South East Queensland : South West & Darling Downs : The Central West : Townsville : Wide Bay Burnett
Victoria : Barwon South West : Gippsland : Grampians : Hume : Loddon Mallee : Melbourne
South Australia : Adelaide : Eyre & Western : Far North : Fleurieu & Kangaroo Island : Limestone Coast : Murray & Mallee : York & Mid North
Northern Territory : Big Rivers : Central Australia : East Arnhem : Greater Darwin
Australian Capital Territory
Tasmania
Similar Tenders
Active opportunities matching this tender's categories and regions.