Tenders Are Invited For Development, Implementation And Adaptation Of The Documentation Of The Information Security Management System (Isms) In Accordance With The Pn-En Iso/Iec 27001:2023-06 Standard As Part Of The Grant Project ... Part I, Ii
Tenders Are Invited For Development, Implementation And Adaptation Of The Documentation Of The Information Security Management System (Isms) In Accordance With The Pn-En Iso/Iec 27001:2023-06 Standard As Part Of The Grant Project ... Part I, Ii
Part I: Development, Implementation And Adaptation Of The Documentation Of The Information Security Management System (Isms) In Accordance With The Pn-En Iso/Iec 27001:2023-06 Standard. Isms Documentation And Audit1. The Subject Of The Order Is The Development, Implementation And Adaptation Of The Documentation Of The Information Security Management System (Isms) In Accordance With The Pn-En Iso/Iec 27001:2023-06 Standard In:• Podegrodzie Commune Office,• Social Welfare Center In Podegrodzie• Municipal Utilities Plant In Podegrodzie. The System Is To Cover All Processes Related To Information Security Management, Including The Protection Of Personal Data, Classified Information And Confidential Information And It Resources In The Ordering Partys Organizational Structures.2. Purpose Of The Orderthe Purpose Of The Order Is:• To Ensure Compliance With The Current Provisions Of Polish And Eu Law, In Particular The Gdpr, The Nis2 Directive And The Act On The National Cybersecurity System (Ksc),• To Increase The Level Of Information And Data Security In The Office And Subordinate Units,• To Prepare The Organization For Possible Certification In Accordance With The Iso/Iec 27001 Standard,• To Unify The Principles Of Information Protection Throughout The Entire Commune Structure.3. Scope Of Development And Implementation Stage I - Analysis And Preparation Of Documentation1) Analysis Of The Current State Of Information Security In The Office And Subordinate Units.2) Identification Of Information Resources And Data Processing Processes.3) Development Of A Full Set Of Isms Documents, Including:• Information Security Policy,• Personal Data Protection Policy,• Procedures For Granting And Revoking Authorizations,• Procedures For Managing Security Incidents,• It Infrastructure Management Instructions,• Procedures For Dealing With Hard Drives Withdrawn From Use,• Information Assets Register And Information Classification,• Risk Analyzes And Assessments,• Risk Management Plan,• Business Continuity Plans (Bcp) And Disaster Recovery Plans (Drp),• Training Procedures And Raising User Awareness. Stage Ii - System Implementation1) Conducting Workshops With The Management And Staff Of The Office And Units.2) Adapting Documents To The Specificity Of Each Unit.3) Implementation Of Operational And System Procedures In The Field Of Isms.4) Implementation Of Registers, Forms And Records Required By Law. Stage Iii - Training And Consultations1) Training For Management Staff And It System Administrators.2) Training For All Employees On Information Security Principles.3) Providing A Set Of Training Materials In Electronic Form. Stage Iv - Implementation Audit1) Conducting An Internal Audit Of The Functioning Of The Isms.2) Preparing A Final Report With Recommendations For The Ordering Party.4. Requirements For The Contractor• The Contractor Must Have Experience In Developing And Implementing Isms In Public Administration.• Indicating The Person Responsible For The Project Impl
We takes all possible care for accurate & authentic tender information, however Users are requested to refer Original source of Tender Notice / Tender Document published by Tender Issuing Agency before taking any call regarding this tender.
