The vendor is required to provide security consulting services to assess SRC’s enterprise security posture, provide a defensible, data-driven foundation for prioritizing investments, and support the development of a scalable, harmonized security program aligned with SRC’s operational, regulatory, and research mandates.
- Requirements
1. Planning and initiation
• Conduct a project kickoff meeting to confirm objectives, scope boundaries, and stakeholders.
• Submit a detailed assessment plan, including methodologies, tools, timelines, and team composition.
• Identify key sites, systems, and information assets to be included in the assessment.
2. Cybersecurity assessment
• Review SRC’s cybersecurity governance, policies, and procedures.
• Evaluate controls for network defense, endpoint protection, access management, data protection, and incident response.
• Assess vulnerabilities in critical systems, applications, and infrastructure.
3. Physical security assessment
• Evaluate the adequacy and performance of existing facility security controls (access systems, physical keys, CCTV, intrusion detection, and perimeter defenses).
• Assess processes for visitor management, asset protection, and incident response coordination.
• Review facility-specific vulnerabilities, environmental threats, and mitigation measures.
4. Risk analysis
• Conduct a comprehensive analysis of threats, vulnerabilities, and impacts across both cyber and physical domains.
• Quantify inherent and residual risks using a structured scoring methodology.
• Prioritize risks based on likelihood, impact, and SRC’s defined risk tolerance.
5. Recommendations and roadmap
• Develop actionable recommendations to mitigate identified risks.
• Propose a prioritized roadmap distinguishing short-, medium-, and long-term improvements.
• Provide cost and effort estimates where feasible.
6. Project management and communication
• Assign a project manager to maintain communication throughout the engagement.
• Provide progress updates at agreed intervals and deliver all materials in both electronic (PDF/Word) and presentation formats.
• Include opportunities for collaborative workshops or knowledge transfer sessions (e.g., leadership briefings or awareness training) to build SRC’s internal capacity for ongoing risk management.
- Contract Period/Term: 5 years