AB-2025-06647 - CYBERSECURITY ASSESSMENT (Канада - Тендер #67961536)

AI Overview

Seeking qualified consultants to conduct a comprehensive cybersecurity and resilience assessment that evaluates current security posture, identifies vulnerabilities, and develops a strategic roadmap for ongoing security improvement.

Basic Information

Reference Number

00004767308

Issuing Organization

Health Quality Council of Alberta

Solicitation Type

RFP - Request for Proposal (Formal)

Solicitation Number

AB-2025-06647

Title

CYBERSECURITY ASSESSMENT

Source ID

SCRIBE

Details

Location

Alberta

Purchase Type

Not Stated

Dates

Publication

2025/10/23 10:23:00 AM EDT

Closing Date

2025/11/12 06:30:00 PM EST

Contact Information

Dianne Schaeffer

dianne.schaeffer@hqa.ca

Description

Health Quality Alberta is seeking proposals from qualified consultants to undertake a comprehensive cybersecurity and resilience assessment that evaluates the current security posture, identifies vulnerabilities, and informs the development of a strategic roadmap for ongoing security improvement. The assessment must be conducted in alignment with recognized frameworks and be adapted to the organization’s size, sector, and risk profile.

Background Information
Health Quality Alberta is a provincial agency that brings together patients, families, and our partners from across healthcare and academia to inspire improvement in patient safety, person-centred care, and health service quality. We are grateful to work, live and learn on the traditional Treaty territories and Métis lands in Alberta. We assess and study the healthcare system, identify effective practices, and engage with Albertans to gather information about their experiences. We value diverse perspectives, and bring objective, evidence-based analysis to our work. Our responsibilities are outlined in the Health Quality Council of Alberta Act. To learn more about Health Quality Alberta, visit www.Health Quality Alberta.ca.


Purpose & Scope of Work
The purpose of the project is to:
• Provide an objective, end-to-end evaluation of cybersecurity governance, infrastructure, and practices.
• Identify strengths, weaknesses, and priority areas/actions for remediation.
• Develop a collaborative cybersecurity strategy that reflects organizational needs, resources, and risk tolerance.
• Present findings in formats suitable for both technical staff and executive leadership.
Scope of work and deliverables
The Consultant selected through this RFP will enter into an agreement with Health Quality Alberta to provide the following services:
1. Comprehensive Review and Scoping Session – Initiate the engagement with a review of Health Quality Alberta’s technology environment, governance structures, and service needs. Facilitate a scoping session with Health Quality Alberta’s leadership and technical staff to co-develop a tailored plan for the assessment and subsequent strategy development.
2. Governance and Risk Management Review – Assess cybersecurity governance structures, roles, policies, procedures, and AI applications. Evaluate alignment with legislation, regulatory requirements, and industry best practices, and identify gaps in risk management processes.
3. Technology and Infrastructure Assessment – Conduct a high-level vulnerability and configuration review of critical systems, networks, cloud environments, and AI applications.
4. Identity, Access, and Data Protection Review – Assess identity and access management practices, data protection measures, and monitoring/logging.
5. Incident Response and Resilience Evaluation – Evaluate incident detection, response, recovery capabilities, and business continuity practices. Review and provide recommendations to strengthen business continuity and disaster recovery capabilities.
6. Culture and Capacity Assessment – Evaluate staff awareness and cybersecurity training programs. Identify opportunities to build organizational capacity and reinforce a culture of cybersecurity awareness and accountability.
7. Assessment Report and Executive Summary – Prepare a comprehensive report summarizing findings, risk ratings, and prioritized recommendations, accompanied by a concise executive summary suitable for senior leadership and governance audiences.
8. Cybersecurity Strategy and Roadmap – Develop, in collaboration with Health Quality Alberta, a strategic roadmap that outlines short-, medium-, and long-term actions and priorities, resourcing considerations, and key performance measures to guide future security initiatives.
9. Best Practices Reference Document – Produce a practical guide that captures cybersecurity best practices tailored to Health Quality Alberta’s environment, serving as a reference tool for current and future staff.
10. Presentation of Findings – Deliver presentations to both technical teams and executive leadership, highlighting key findings, risks, and recommended next steps for strategic decision-making.

See more Disclaimer All amendments to the associated notice, including amended documents, plans and specifications (where applicable), are issued on purchasing.alberta.ca. MERX asks that you refer to the purchasing.alberta.ca notice for these amendments. MERX stipulates that potential bidders may also be required to register with the buying authority as a bidder/plan taker. The contact information can be found within the notice abstract.

Источник закупки

Перейти

Импорт - Экспорт по стране Канада