Closed

Cyber Security Risk Assessment – Traffic and Parking Enforcement Solutions (TAPES) Program

Tender ID: 593393

Tender Details

Organisation:
Chief Minister, Treasury and Economic Development Directorate
Tender #:
PCS-02756  
Status:
Closed
Publish Date:
28 August 2025
Closing Date:
8 September 2025
Closing Time:
11:59 PM (Australia/ACT)

Tender Description

This Tender is invited by the Issuer.

The City and Environment Directorate (CED), on behalf of the ACT Government, is seeking to engage a suitably qualified supplier to deliver independent cyber security risk assessment services for the Traffic and Parking Enforcement Solutions (TAPES) Program.

TAPES is a multi-package digital transformation initiative that will modernise traffic and parking enforcement across the ACT. It involves three core solution packages – the Traffic Enforcement Solution (TES), the Parking Enforcement Solution (PES), and the Infringement Management System (IMS) – all of which integrate with critical ACT Government systems, including Rego.ACT. The program will manage sensitive data such as vehicle movements, enforcement actions, customer records, and payments, making robust cyber security assurance essential.

The purpose of this procurement is to obtain specialist cyber security services that will:

  • Conduct a procurement-focused risk assessment during the negotiation phase to validate shortlisted supplier proposals against the TAPES Statement of Requirements, the ACT Government Cyber Security Policy, and the ACT Protective Security Policy Framework.
  • Undertake detailed pre-contract cyber security risk assessments of each TAPES package (TES, PES, IMS) to ensure supplier solutions can be securely configured and to inform contract negotiations.
  • Perform post-contract design and delivery stage assessments to validate implementation of agreed security controls and provide assurance prior to go-live.

The supplier will be required to deliver a range of outputs, including risk assessments, control gap analysis, mitigation recommendations, risk registers, and draft System Security Plans (SSPs). The assessments must also consider compliance with relevant standards, including PCI-DSS, due to payment processing functions within TAPES.

This engagement is time-critical, with strict timeframes aligned to the TAPES procurement and implementation schedule, and suppliers must demonstrate capacity to scale resources to meet concurrent assessment demands.

Location

Western Australia   :   Gascoyne   :   Goldfields/Esperance   :   Great Southern   :   Kimberley   :   Mid West   :   Peel   :   Perth Metropolitan   :   Pilbara   :   South West   :   Wheatbelt  
New South Wales   :   Central West   :   Far North Coast   :   Far West   :   Hunter   :   Illawarra   :   Mid North Coast   :   Murray   :   New England   :   Orana   :   Riverina   :   Southern Highlands   :   Sydney  
Queensland   :   Cairns & Far North Queensland   :   Gladstone   :   Mackay Whitsunday Region   :   Mount Isa & North West Region   :   Rockhampton   :   South East Queensland   :   South West & Darling Downs   :   The Central West   :   Townsville   :   Wide Bay Burnett  
Victoria   :   Barwon South West   :   Gippsland   :   Grampians   :   Hume   :   Loddon Mallee   :   Melbourne  
South Australia   :   Adelaide   :   Eyre & Western   :   Far North   :   Fleurieu & Kangaroo Island   :   Limestone Coast   :   Murray & Mallee   :   York & Mid North  
Northern Territory   :   Barkly   :   Big Rivers   :   Central Australia   :   East Arnhem   :   Greater Darwin   :   Top End  
Australian Capital Territory  
Tasmania  

Category

Information & Communication Technology   :   Consultancy & Project Management   :   IT Security Services