Cyber Security Operating Model and Alignment Review
Tender ID: 613512
Tender Details
Tender Description
This Tender is invited by the Issuer.
he Australian Competition and Consumer Commission (ACCC) is seeking to engage an external consultancy to undertake an agency-wide (enterprise) review of cyber security operating arrangements across the ACCC (not limited to any single division or program).
The review is being commissioned in the context of:
- increasing operational and regulatory complexity across agency managed digital platforms and services
- emerging cyber security obligations and expectations associated with systems supporting nationally significant functions
- the need to ensure cyber security responsibilities, governance arrangements, operational models, and supporting capabilities are effective, sustainable, scalable, and appropriately aligned across the organisation
- the planned introduction of a Chief Information, Data and Digital Officer (CIDDO) role to provide enterprise leadership of the ACCC’s data, digital and technology capabilities
- observations arising from a recent review into the CDR architecture and operating model, identifying potential duplication, fragmentation, inconsistent operating approaches, and operational inefficiencies across technology and cyber security functions.
The review will focus on cyber security arrangements across the ACCC, including:
- Information Management and Technology Services Branch – responsible for the agency’s ICT services, including the National Anti-Scam Centre systems
- Digital ID Division – responsible for the agency’s Digital ID systems and environments
- Consumer Data Right Division – responsible for the Consumer Data Right system and supporting environments.
This review is also being commissioned in the context of increasing expectations associated with Systems of Government Significance (SoGS).
Both the Consumer Data Right platform and the National Anti-Scam Centre platform have been designated as SoGS, resulting in heightened expectation regarding cyber security governance, operational resilience, assurance, risk management, and oversight arrangements.
These systems are currently owned and managed by separate areas of the organisation and operate under differing operational, governance, and cyber security arrangements. The agency is seeking to better understand where the current approaches remain appropriate, effective, sustainable, and aligned, and where opportunities exist to improve consistency, coordination, efficiency, governance clarity, and risk management outcomes across cyber security functions.
This engagement is not intended to be a broad independent assurance audit, technical penetration testing exercise, or compliance certification activity. Rather, it is intended to provide a practical assessment of current arrangements, identify risks and opportunities, and support consideration of future operating options and alignment opportunities. This review will build on findings generated through the earlier assessment of the technology components within the Consumer Data Right Architecture and Operating Model.
Location
New South Wales : Central West : Far North Coast : Far West : Hunter : Illawarra : Mid North Coast : Murray : New England : Orana : Riverina : Southern Highlands : Sydney
Queensland : Cairns & Far North Queensland : Gladstone : Mackay Whitsunday Region : Mount Isa & North West Region : Rockhampton : South East Queensland : South West & Darling Downs : The Central West : Townsville : Wide Bay Burnett
Victoria : Barwon South West : Gippsland : Grampians : Hume : Loddon Mallee : Melbourne
South Australia : Adelaide : Eyre & Western : Far North : Fleurieu & Kangaroo Island : Limestone Coast : Murray & Mallee : York & Mid North
Northern Territory : Barkly : Big Rivers : Central Australia : East Arnhem : Greater Darwin : Top End
Australian Capital Territory
Tasmania
Similar Tenders
Related tenders matching this tender's categories and regions.