The Information and Communications Technology Services (ICTS) of the OSCE Secretariat located in Vienna, Austria is interested to establish a “one-off” Contract with the qualified and interested company for the provision of IT Security Consulting Services – Security Architecture and Governance Review with a special view on Cyber Security.
The appointed Contractor will be tasked to review and evaluate the current information security (especially cyber security) capabilities of the OSCE and the improvement plans and provide an assessment report on the findings with specific, prioritized recommendations. The planned assessment shall be done mainly on-site and should address the followings issues:
Review of the policies, procedures and controls, including the Information Security Baseline;
Review of information security organization, roles and responsibilities, Segregation of Duties;
High-level technical review of systems and tools, including architecture, configuration and scope;
Review of the Information Security Improvement Plan;
Review of the Information Security Baseline.
In order to be eligible to participate in the Request for Quotation (RFQ) process, your company should fulfill the following minimum mandatory requirements:
At least 5 years of experience in the area of information security consultancy and review;
Must have ISO27001 or equivalent security certificate;
Skilled staff with experience in IT security audit with a special focus on cyber security;
Subcontractors are not allowed;
Ability to perform assigned tasks on-site at the OSCE Secretariat premises (Vienna, Austria).
The copy of the RFQ document can be requested using the below contact form. Offers must be sent by email at firstname.lastname@example.org no later than 29 September 2017 at 12:00HRS (CET).