The Digital Transformation Agency (DTA) has issued a request for quote (RFQ) to deliver specialist cyber security assurance services for DTA’s Secure Operating Environment and PROTECTED Microsoft 365 operating environment.
DTA operates a cloud-native environment that supports the delivery of government services and is seeking independent assurance that its security controls are appropriately selected, implemented, operating effectively and continuously monitored in line with the sensitivity, business criticality and risk profile of its systems.
The engagement is intended to support DTA’s Authorisation to Operate decision-making by assessing the security posture of relevant operating environments against the Australian Signals Directorate Information Security Manual and the Protective Security Policy Framework, identifying security risks and control gaps, and providing clear, prioritised recommendations to support remediation and ongoing risk management.
At a high level, DTA is seeking services that may include an independent IRAP assessment, penetration testing, and the development or review of key security artefacts required to support assurance, authorisation and risk management activities.
The successful supplier will need to demonstrate appropriate independence, relevant cyber security and risk management expertise, suitable security clearances, experience with cloud-based environments, and the capability to deliver high-quality outcomes within the required engagement timeframe.
The RFQ closes at 11:59pm on June 30, with an estimated start date one month later. The initial contract term is three months, and there are no extension provisions.
.jpg&h=142&w=230&c=1&s=1)
.jpg&w=100&c=1&s=0){kind=logo}
.jpg&w=100&c=1&s=0)
