Network and Information Security Audit

0010556457

2026-01-28 11:00

Tender Closed on: 2026-02-11 11:00

Audit Services - Technical, Operational, Financial, Compliance and Information Technology, Information and Communications Technology, IT Architecture, ICT Strategy, Data Analyst, ICT Audits

Centurion, Gauteng, Pretoria

Electoral Commission (IEC)

Scroll down for tender details and to access the tender documents

Electoral Commission (IEC) Tenders

Account Functions

You will need an account login to View Tender Documents, Create a Business Listing on the site or to add your details to show your interest in joining a Joint Venture or working as subcontractor for this tender


  • Sign Up
Or Login Using
Please wait. Signing you in...
Or Login Using
Please wait. Signing you in...
Lost your password? Please enter your username or email address. You will receive a link to create a new password via email.
Tender Number: 0010556457
Department: Electoral Commission (IEC)
Tender Type: Request for Bid(Open-Tender)
Province: National
Closing Date: Wednesday, 11 February 2026 - 11:00
Place where goods, works or services are required: 1303 Heuwel Avenue - Centurion - Pretoria - 0046
Special Conditions: N/A
ENQUIRIES:
Contact Person: Yash Sookan
Email: [email protected]
Telephone number: 012-622-5700
FAX Number: N/A
BRIEFING SESSION:
Is there a briefing session?: Yes Is it compulsory? NO
Briefing Date and Time: Wednesday, 28 January 2026 - 11:00
Briefing Venue: Virtual-Link attached

This tender is also available from www.etenders.gov.za


Tender Summary

Objectives

The primary objective of this tender is to engage a qualified service provider to conduct comprehensive security audits and assessments of the Electoral Commission’s ICT network and infrastructure. This includes identifying vulnerabilities, evaluating compliance with security standards, and providing actionable recommendations to enhance security posture. The audits aim to produce independent reports that inform both technical and operational management, ensuring the integrity, confidentiality, and resilience of the Electoral Commission’s digital environment.

Scope

The scope encompasses:

  • Assessment of ICT network and infrastructure, including internal and external penetration testing.
  • Review of security controls around LAN, WAN, data centers, workstations, web and mobile applications.
  • Evaluation of security policies, architecture, and configurations of network devices (routers, switches, firewalls, IPS).
  • Assessment of remote access solutions such as VPN and APN.
  • Vulnerability scans and penetration testing of websites, applications, VMD systems, and cloud environments (Azure, M365, Google Cloud).
  • Evaluation of identity and access management systems, including MFA, PAM, and PIM.
  • Testing of human vulnerabilities through social engineering exercises.
  • Assessment of database security (Oracle, SQL Server) and overall disaster recovery capabilities.
  • Review of security policies, procedures, and compliance with standards like POPIA, NIST, ISO 27000, CIS Benchmarks.
  • Two assessments scheduled approximately 6 months apart, with reports to be shared with stakeholders.

Technical Requirements

The technical specifications include:

  • Use of latest vulnerability assessment and penetration testing methodologies.
  • Assessment of network topology, security controls, and configurations of all relevant hardware and software components.
  • Evaluation of web and mobile applications against OWASP Top 10 risks.
  • Security testing of cloud environments and APIs.
  • Testing of identity management systems and human factors (social engineering).
  • Analysis of security incident detection, response, and recovery capabilities.
  • Provision of detailed methodologies, tools, and solutions used for assessments.
  • Preparation of comprehensive reports with findings, risk levels, and remediation recommendations.
  • Re-assessment after remediation to verify effectiveness.

Skills and Skills Requirements

The successful bidder must demonstrate:

  • At least 5 years’ experience in conducting IT security audits and vulnerability assessments.
  • Proven track record with a minimum of three similar projects, including references with contact details and scope descriptions.
  • Expertise in network security, application security, cloud security, database security, and human vulnerability testing.
  • Qualified security professionals, including at least two team members with certifications such as:
    • Certified Ethical Hacker (CEH)
    • Offensive Security Certified Professional (OSCP)
    • Certified Information Systems Security Professional (CISSP)
    • Certified Information Security Manager (CISM)
  • Ability to develop and implement detailed methodologies, including testing tools and procedures.
  • Security clearance as required by the Electoral Commission.
  • Experience in managing sensitive data and ensuring confidentiality and data protection compliance.
  • Capability to perform team-based exercises such as war games and cryptography analysis.
This summary is AI generated. Download the tender documents for all the information.

How to Submit a Response / Quote to this Tender

The information needed for submitting your quote is in the description of the tender and the Tender Documents. You will also need documents and templates supplied by the entity that issued the tender, in order to supply the correct business and quote information.

To get the Tender Documents, click on the “Download Tender Documents” button below. This will take you to the Download page for this specific tender. To download the documents, you will need to create a Free Download account and then Login to this account. There is a Registration and Login form on the Download page, or above the tender description on this page. There are also Register and Login links at the top of all pages of this website.

Once you have the Tender Documents, complete them with your details and the quote details and submit to the entity or organisation that issued the tender. The details and method to submit are in the tender description and the tender documents.

Joint Ventures, Consortia and Subcontracting:

Most large tenders are composed of tasks in a number of different fields, and it is not always possible for a single company to cater for all of them, and therefore Joint Ventures and Consortia are formed to then submit a tender together.

Government tenders are also requiring the subcontracting of a percentage of the tender work, and the trouble is then finding Subcontractors to comply with the tender requirements

To assist companies with finding tender partners and subcontractors, you can now submit your contact details and company information on this page, so other interested parties can contact you for purposes of forming Joint Ventures and subcontracting

You will need to supply your details on every tender you are interested in tendering for. For this you need an active Business Listing - Register and Login at My Account to create a Business Listing

NOTE: This is not a tender application form, it is meant to facilitate the meeting of partners to form a Joint Venture or Subcontractor relationship for this tender only


To submit your details for this tender, you will need to Register an account - see the Registration form on this page or go to My Account

If you already registered, please login at My Account

You will also need to create a Business Listing in order to show your information here

Potential Subcontractor and Joint Venture Partners

To view a list of Businesses that match the Categories of this tender,
please Subscribe to a Paid Notification Plan

(If you are already a Paid Subscriber - not Trial, please Login to view this information on this tender)

Why not let us send tenders to your inbox?

from R120 per month