The Future Fund Management Agency (“Buyer” or “FFMA”) is deploying an internally hosted Large Language Model ("LLM") platform, using internally hosted Azure OpenAI and AWS Bedrock. The aim is to provide staff members with access to LLM models to help them in their daily tasks and research.

The Buyer is seeking to partner with an experienced security vendor (“Seller”) to perform a penetration test to ensure that users do not have access to data sources they are not supposed to have, and that prompts and responses are kept within the Agency. The Seller must conduct a range of security assessments and deliver a final report in alignment with FFMA's requirements (collectively the "Services"), including:

• LLM and AI Penetration Test (during which the Seller will attempt to identify security issues with the OpenAI and AWS Bedrock LLM models); and
• Analysis and Reporting with Quality Assurance (during which the Seller will interpret results gathered from previous stages and produce a report, running a 3-step Quality Assurance process to ensure report correctness and completeness).

RFQ / Opportunity brief pack (documents):

• This RFQ/opportunity brief
• FFMA Additional Terms and Conditions (draft)
• Seller Conflict of Interest Declaration form

RFQ / Opportunity response requirements

As part of your response to this RFQ, the Seller(s) are asked to:

• provide a statement of work ("SOW") along with a formal quotation / price schedule / rate card for the above-mentioned scope of Services;
• prepare and sign the Seller Conflict of Interest Declaration form;
• review and acknowledge compliance to the attached Buyer's Additional Terms and Conditions (draft); and
• provide all applicable Seller terms and conditions, EULA and any other contractual schedules including any exclusions that will collectively form the contract for the Services, that is tailored for Government Agency, should you be selected as the preferred supplier. We will not accept any additional legal terms post receipt of the RFQ response submissions.