Closed

Cyber Security Assessment for An External Salesforce Platform

Tender ID: 551066


Tender Details

Tender #:
DM-22533  
Status:
Closed
Publish Date:
29 February 2024
Closing Date:
12 March 2024

Tender Description

This Tender is invited by the Issuer.

⁠⁠⁠Outcome

The newly developed external Salesforce platform will be required to obtain a current Authority to Operate for the National Industry PhD Program administration. This will include two parts:

  1. Part 1: Complete the assessment for the ‘pre-application and application module’ no later than 31 May 2024 to obtain Authority to Operate.
  2. Part 2: Complete the assessment for the ‘application assessment and funding management module’ no later than 30 November2024 and update any relevant documents in Part 1 ensuring that the Authority to Operate remains current and compliant for all the assessed modules.

Deliverables

  1. The procured ICT assessors complete the independent Infosec Registered Assessors Program (IRAP)/Cyber Security equivalent assessment for the external Salesforce platform.
  2. The procured ICT assessors provide the required security documentation substantiated with supporting evidence in accordance with the Australian Government standards (PSPF - Protective Security Policy Framework, ISM - Information Security Manual, HCF - Hosting Certification Framework) for the Department’s approval on the Authority to Operate.
  3. The procured ICT assessors amend and update the required security documentation substantiated with supporting evidence in accordance with the Australian Government Standards (PSPF - Protective Security Policy Framework, ISM - Information Security Manual, HCF - Hosting Certification Framework) for the obtained Authority to Operate.

Deadline

  1. All the required security documentations for Part 1 will be delivered by the procured ICT assessors to the Department by 31 May 2024.
  2. All the required security documentations for Part 2 are expected to be delivered by the procured ICT assessors to the Department no later than 30 November 2024, subject to the deployment of the ‘application assessment and funding management module’.

Skill/Expertise Required for the Outcome

  1. Contractors should have demonstrated experience in applying the ISM, PSPF, HCF and its guidance to perform the assessments.
  2. Experience in delivering government contracts relating to security governance, risk and compliance.

Clearance Process

  1. FAS minute prepared by DEWR Cyber Assurance will be submitted to Assistant Secretary, DEWR Security Operations Branch to obtain the Authority to Operate.



Similar Tenders

Active opportunities matching this tender's categories and regions.