Closed

Centralised Logging Design and Implementation

Tender ID: 603125

Tender Details

Organisation:
National Gallery of Australia
Tender #:
PCS-03334  
Status:
Closed
Publish Date:
22 December 2025
Closing Date:
2 February 2026
Closing Time:
11:59 PM (Australia/ACT)

Tender Description

This Tender is invited by the Issuer.

The National Gallery of Australia ('NGA’, ‘Gallery’) is Australia’s national visual arts institution dedicated to collecting, sharing and celebrating art from Australia and the world. We utilise a range of ICT business systems to support the delivery of our mission.

The Gallery's Information Services Division (ISD) operates a small IT team that provides business enablement services including Service Desk, business-as-usual (BAU) services (routine and out-of-band patching, break/fix, etc.), server and application support, and project-based ICT services and support to all Gallery business units. The National Gallery has a hybrid cloud and on-prem environment. The IT team is supplemented by two managed service providers (MSPs) whose responsibilities are split between network and infrastructure services. A demonstrated ability for suppliers to be able to effectively work with MSPs as required, including coordinating or escalating remediation activities, is desirable.

The Gallery has an existing managed SIEM capability (FortiSIEM), which it is interested in maximizing to assist with cyber security uplift.

The National Gallery requires the services of a provider to supply design and implementation of robust on-premise centralised logging solution (preference for Syslog-capable or a suitable alternative) that can support ongoing uplift in cyber security maturity.

The goals of the procurement are:

  • To identify and onboard relevant source systems across the whole of National Gallery IT and OT (operational technology) environment for cyber security logging.
  • To implement a centralised logging system (syslog-ng or equivalent), ingest and normalise logs, provide resilient retention.
  • To ensure the logging capability is aligned with the Essential Eight maturity uplift with relevant guidance from the Information Security Manual (ISM).
  • To provide the foundations for timely detection, forensic readiness, compliance retention and audit capability.

This work is in preparation for the future onboarding of a monitoring capability.

All work must be completed and invoiced by the closure of the contract 30 June 2026.

Estimated start date: Monday, 16 February 2026

Initial contract duration: From when the contract commences until 30 June 2026.

Extension term: Not applicable

Location of work: ACT

Working arrangements: Hybrid

Location

Australian Capital Territory  

Category

Information & Communication Technology   :   Software & Application Development Services   :   Software Purchasing & Leasing Supply