Germany - IT services: Consulting, software development, internet and support

For more information and to make a bid you will need to go to the third party website.

Details

Provided by Open Opps
Opportunity closing date
01 July 2019
Opportunity publication date
04 June 2019
Category
72000000: IT services: consulting, software development, Internet and support
Value of contract
to be confirmed
Your guide to exporting
Report opportunity

Description

In particular, the Contractor shall perform the services listed below, whereby the following lists are not exhaustive and may be supplemented and/or extended within the framework of the respective project. the services include the tasks listed below, which are specified in individual call-offs within the framework of the implementation of the project on the basis of the framework agreement, whereby these can be called off individually or in sub-projects/work packages.1) Service for the topic "Operation ISMS" (Profile A)- Support for tasks of the information security management system (ISMS),- Support for the administration of security concepts,- Processing of incidents and changes relevant to information security,- Support for the planning and organization of emergency exercises,- Support for the handling of IT security incidents and IT weak points (e.g. (e.g.: research on security incidents, follow-up of reports and their resolution, including verification of the sustainability of measures),- maintenance of information security information pages in different media,- support in communication of the information security team,- support in drafting templates for bodies within and outside the service,- support in general information security issues,- support in awareness campaigns/awareness raising in the field of information security.2) Service for the ISMS topic area: Information security strategy (Profile B)- Consulting for the IT service provider's information security officers and the IS strategy departments,- Support for the introduction of standard operating processes in the security environment and emergency management,- Plausibility check and optimization of existing information security management systems,- Plausibility check and optimization of emergency management (e.g. (e.g. guidelines, concepts, emergency manuals, FAQs for the preparation and maintenance of emergency documentation),- support in the introduction, further development and improvement of the emergency management process and emergency organisation,- formulation and implementation of measurement procedures and indicators for safety situation assessment, safety risks and for the determination of the safety level,- support in the preparation of drafts for comprehensive safety-related ISMS guidelines and concepts, test bases, ISMS processes, forms and standards as well as reports. The Contractor shall in particular provide the following services, whereby the following listings are not exhaustive and may be supplemented and/or expanded within the framework of the project. Services for information security consulting: IT security products as well as projects in the security environment (Profile C) - consulting on projects and procedures in security issues - support in the implementation of projects in the security environment (e.g. Examination of the use of existing and implementation of new IT security tools such as Intrusion Detection / Intrusion Prevention, Web Application Firewall, Security Information and Event Management, Content Scanner),- Technical research of new IT security products (e.g. market analysis),- Consulting and support in the use and, if necessary, development of automated evaluation and planning tools in the area of information security,- Evaluation and design of security architectures (e.g. cloud architectures, software defined networking, container technologies, devops). The Contractor shall in particular provide the following services, whereby the following listings are not exhaustive and may be supplemented and/or extended within the scope of the project: Services for the support service "Creation and Revision of IT Security Concepts" (Profile D) - Technical and methodical support in the creation and maintenance of existing IT security concepts in accordance with the BSI standards (100-x and 200-x) both in specified document form as well as in GSTOOL and other basic protection software such as those of Fa. HiScout,- Execution of protection requirement assessments according to BSI standard as part of the security concept,- Examination of existing IT security concepts or IT security concepts in internal processing with regard to completeness, conformity and traceability,- Preparation of risk analyses according to BSI Standard 100-3/200-3 Risk Management and DIN ISO 27001 et seq,- Creation of so-called user-specific building blocks within the framework of the implementation of the BSI basic protection methodology,- Technical assessment of measures for mechanism strength, reliability and completeness,- Support in the transfer of data from existing ISMS systems into an ISMS tool such as HiScout. Services for the creation and revision of emergency concepts (Profile E) - Support in the creation of emergency documents, in particular emergency manuals in accordance with the BSI standard (100-4 and 200-4),- Creation of templates for the creation of emergency documentations,- Research of mechanisms for the elimination of emergencies and internal coordination. The Contractor shall in particular provide the following services, whereby the following listings are not exhaustive and may be supplemented and/or extended within the framework of the project: services for planning, carrying out and analysing IT security audits as well as internal IT audits (Profile F); support in carrying out IT security audits and information security audits in accordance with BSI or ISO 27001; support in tracking open measures of IT security audits and IT audits. In particular, the following services are to be provided by the contractor, whereby the following listings are not exhaustive and can be supplemented and/or expanded within the framework of the project.services for support in data protection topics (Profile G)- support in the preparation of data protection documentation (e.g. data protection impact assessment, analyses in accordance with Article 32 DSGVO, list of processing activities),- support in the introduction of standard operating processes relating to data protection,- support in the evaluation and, if necessary, in the development of data protection documentation,- support in the implementation of standard operating processes relating to data protection,- support in the development of data protection documentation (e.g. data protection impact assessment, analyses in accordance with Article 32 DSGVO, list of processing activities),- support in the development of data protection documentation (e.g. data protection documentation),- support in the development of data protection documentation (e.g. data protection documentation),- support in the development of data protection documentation (e.g. data protection documentation),- support in the development of data protection documentation (e.g. data protection documentation) Adaptation of existing data protection processes,- Support in the preparation of drafts for overarching guidelines,- Support in the creation/documentation of test bases, processes and documentation templates for the area of data protection,- Support in the development of data protection standards for the use of hardware and software,- Support in the performance of data protection audits in regular operation,- Support in the processing of data protection topics within the ISMS process.

Opportunity closing date
01 July 2019
Value of contract
to be confirmed

About the buyer

Address
Land Hessen, vertreten durch die Hessische Zentrale für Datenverarbeitung Mainzer Straße 29 Wiesbaden 65185 Germany
Contact
vergabestelle@hzd.hessen.de

The deadline to apply for this opportunity has passed.
Visit the opportunities page to find another.

Is there anything wrong with this page?