Posted on 2023-11-12 / 471

[Tender Reference No.] 112-15
[Subject of the Procurement] NYDFS Cyber Security Requirements Comply, Audit, and Consult                  
[Procuring Entity] Bank of Taiwan, New York Branch
[Contact Person] Procurement Department, Ms. Wu
[Tel. No.] 212-968-8128#14                
[Time-limit for Receipt of Tenders] 11/20/2023 17:00 EST
[Date of Tender Opening] 11/21/2023 12:00 EST
[Summary of the Qualification requirements]
1.1    The consultant company must have following qualifications and experiences:
1.1.1     Assisted 5 or more financial institutions(FIs) acquired ISO 27001 certificate.
1.1.2     Assisted information security compliance for class A government unit or 3 or more class B unit.
1.1.3     Assisted 3 or more FIs for 23 NYCRR Part 500 compliance.
1.1.4     Assisted 8 or more FIs in information security compliance, including experience in NYCRR 500, FFIEC Cybersecurity Assessment Tool, and SWIFT Customer Security Program. In addition, at least 3 of the FIs must located in United State.
1.1.5     Conducted 5 or more on site audit for FIs’ oversea branches in recent 2 years.
1.1.6     Assist FIs establish information security organization.
1.1.7         Implemented information security management system, acquired ISO 27001:2013 or other similar certificate. Certificates shall continue to be effective during the project period.
1.2    The project manager must have following qualifications:
1.2.1     At least 5 year experiences in information security management projects.
1.2.2     Acquired one of following certificates: ISO27001 Lead Auditor, Certified Information Systems Auditor(CISA), Certified Information Systems Security Professional(CISSP), or Offensive Security Certified Professional(OSCP).
1.2.3     Performed NYDFS 23 NYCRR 500 compliance review for at least three FIs.
1.3    Team members of the project must have one of following qualifications:
1.3.1     Assisted FIs acquired ISO 27001 certificate and assisted overseas branches of financial institutions in information security compliance, including experience in NYCRR 500, FFIEC Cybersecurity Assessment Tool, SWIFT Customer Security Program.
1.3.2     ISO27001 Lead Auditor, Certified Information Systems Auditor(CISA), Certified Information Systems Security Professional(CISSP), or Offensive Security Certified Professional(OSCP).
1.4    Other qualification refers to Tender Documents.
https://www.bot.com.tw/en/personal-banking
     [Additional Description]
Bidder is required to provide due diligence documents specified by the procuring entity. The relevant due diligence documents may include cybersecurity related policies and procedures, company profile, company registration certificate, business contingency plan, and overall disaster recovery plan, etc.

Tender Notice
Item Type : 商品
Location : Manhattan
Features
凌薇
Reviews
There are no reviews yet, why not be the first?
Leave a review
服务: 价格: 环境:

发表评论