Delivering training on ISO 27001 for staff of National Authority for Electronic Certification and Cybernetic Security (NAECCS)
Request for consultancy services – terms of reference
Project Unit: RisiAlbania – Partner for Growth
Supported by: Swiss Agency for Development and Cooperation SDC
Location: Home-based
Estimated duration: 30th June – 31st July, 2020
Deadline to submit Application: 23 June, 2020
1. Background
RisiAlbania Project is supported by the Swiss Agency for Development and Cooperation (SDC) and implemented by a consortium consisting of HELVETAS Swiss Inter-cooperation and Partners Albania. The overall goal of the project is to contribute to an increase in employment opportunities for young women and men (age 15-29) in Albania. This goal will be achieved through:
(i) enhanced growth and job creation by the private sector in three selected subsectors agro business, tourism, and ICT (labor demand),
(ii) improved access to job opportunities and labor market information and services (intermediation), and
(iii) improved skills of young people by improving the offer of private training providers in the three selected sectors (labor supply).
Risi is supporting the National Authority for Electronic Certification and Cybernetic Security (NAECCS) to stimulate the development of cybersecurity and e-commerce services in the market to allow companies to comply with the 2017 Cybersecurity Law.
2. Objective(s) of the consultancy
The objective of consultancy is to 1) train key staff of NAECCS on ISO standard 27001 concerning information security management systems, and 2) certify 7 members of staff as lead auditors. The goal is to increase NAECC’s knowledge on information security procedures, their capacities to conduct assessment of private sector companies and determine whether they follow legal requirements according to the 2017 Cybersecurity Law, and to advise them on how to become compliant. The training will improve overall capacities of NAECCS staff and the agency’s capacity to engage with the private sector.
3. Expected Outputs
• Deliver a training on ISO 27001 to seven NAECCS staff;
• Deliver written test to NAECCS trainees;
• Deliver certifications to trainees who pass the test results;
• Organize audits in three companies with information security management systems for the NAECCS lead auditors.
4. Deliverables
The Consultant /s will write an activity report including training curricula, participants, test results, and a list of certified auditors within 30th July, 2020.
5. Consultant profile
• Companies specialized in international quality standards and accredited in Albania;
• International accreditation for the training on Lead Auditor for ISO 27001;
• Experience with training and consulting on international quality standards in Albania;
• Fully available during the timeframe of this research.
6. Submission of the proposal
a. Technical proposal: describe briefly the methodology and workplan you would use to successfully fulfil the service or activities requested. Free format, up to 3 pages.
b. Financial proposal: The proposed fee shall include all the taxes. Costs must be broken down by fee rate and number of units for each proposed expert and service. Free format.
c. Team and references: Latest CV of team members with relevant experience (up to 2 pages per expert), documentation of relevant previous experience and contacts of the respective references.
d. Submission: Applicants must send by email a scanned version of the proposal in PDF format, signed, stamped, and including a date of submission. They should also submit the electronic NIPT and registration document in QKB together with the proposal.
We expect proposals to be submitted in English or Albanian (English preferred) in 1 electronic copy via email to the address [email protected] by June 23rd, 2020, at 15:00. Proposals handed outside the indicated timeline may not be considered. For any questions you might have related the application, please, write by email: [email protected] within June 18th, 2020.
7. Candidate assessment and selection
The selection of the service providers will be evaluated based on a cumulative analysis of the fulfillment of the evaluation criteria. The contract will be awarded to the service provider providing the best technical and financial offer based on the evaluation criteria below:
NDIQE LIVE "PANORAMA TV" © Panorama.al
