Auditing services: tenders, rfq bids, opportunities and procurement 2024


Total: 1250
13 nov
External Auditing Services (EN) add to Favorites
Contract value: 1 003 500 (USD)
Price original: 900 000 (GBP)

Deadline: 47 days
Customer: Gloucestershire Hospitals NHS Foundation Trust

Number: 114000341

Country: United Kingdom

Source: gov.uk Contracts Finder

06 nov

Number: 113514132

Country: Canada

Source: www.merx.com

12 sep
AFNWA2024-09-11 - Auditing Services (CA) add to Favorites
Customer: www.merx.com

Number: 110779839

Country: Canada

Source: www.merx.com

06 sep
Bids are hereby invited for the following: Appointment of a Panel of Service Providers to Provide (Co-Source) Internal Audit and Forensic Services to the Department of Cooperative Governance as and when required for a period of 36 months. Scope of work: The appointed service providers will be required to fulfil the following functions as and when assigned by the Chief Audit Executive: - Perform audits and forensic investigations services as per assignment and under the management of the Internal Audit function; - Perform audits according to the International Standards for the Professional Practice of Internal Auditing (ISPPIA) and Internal Audit Activity(IAA) methodology; - Monitor and evaluate performance of team members on audit projects; - Perform quality assurance reviews for the projects; - Use DCoG in-house Internal Audit methodology; - Write and present audit reports to the management which were subjected to audit through the office of the Chief Audit Executive; - Write and present investigation report to the management which were subjected to investigation through the office of the Chief Audit Executive; - Perform business process analysis and suggest best practices for improvement of the IAA; and - Attend planned meetings with Chief Audit Executive or his/her delegate and relevant managers when required; - Forensic and ad-hoc services will be performed when a request is received from management, these services will be requested on an ad-hoc basis. Required at: 87 Hamilton Street, Arcardia, Pretoria, 0001. (EN) add to Favorites
Customer: ONLINE TENDERS

Number: 110456195

Country: South Africa

Source: ONLINE TENDERS

29 aug
GB-YORK: Internal Auditing Services (EN) add to Favorites
Customer: York St John University
Source: YORK ST JOHN UNIVERSITY

Number: 109998572

Country: United Kingdom

Source: gov.uk Contracts Finder

26 aug

Number: 109786699

Country: Bahrain

Source: Tender Board - Kingdom of Bahrain

23 aug
Internal Auditing Services (EN) add to Favorites
Contract value: 334 500 (USD)
Price original: 300 000 (GBP)

Customer: First Choice Homes Oldham

Number: 109672200

Country: United Kingdom

Source: gov.uk Contracts Finder

21 aug
Tenders are hereby invited for the following: Appointment of Panel of Service Providers for the Provision of Accredited Training. Specifications: - National Diploma: Public Finance Management and Administration; - National Certificate: Ward Committee Governance; - Coaching and Mentoring; - Local Government Accounting Certificate; - Occupational Certificate: Paving Screed Operator; - National Certificate: Electrical Engineering: Renewable; - Occupational Certificate: Plumber; - National Certificate: Supervision of Civil Engineering; - Construction Processes Road Works; - National Certificate: Horticulture; - National Certificate: Occupationally Directed Education; - Training and Development Practices; - Certificate: Municipal Financial Management; - Advanced Certificate in Internal Auditing: Auditing and Ethics; - Certificate Computer Technology: MS Word Advanced; - Occupational Certificate Internal Audit Manager; - Advanced Certificate: Environmental Education; - Training and Development Practice; - Councilor Induction Programme: Higher Education and Training Certificate: Development Practice National Certificate in Community Development Worker; - National Certificate: Local Government Councilor Practices; - Occupational Certificate: Original/Aftermarket Auto Electrical System or Component Fitter; - National Certificate: Environmental Practice; - National Certificate: Business Administration Services; - National Certificate Emergency Services Supervision: Fire and Rescue Operations; - Higher Certificate in Renewable Energy Technologies. (EN) add to Favorites
Customer: ONLINE TENDERS

Number: 109533940

Country: South Africa

Source: ONLINE TENDERS

20 aug
Quotations are hereby invited for the following: Five (5) year external assessment of internal audit activity, Qty: 300. Scope: To perform an external quality assessment on the City of uMhlathuze Internal Audit activity utilising the IPPF’s Quality Assessment Manual for the Internal Audit Activity published by the Internal Audit Foundation in 2017 in order to conclude on the internal audit activity’s conformance with the Code of Ethics and The IIA’s International Standards for the Professional Practice of Internal Auditing (Standards), whether or not internal auditors apply the Code of Ethics, and to identify areas for improvement. The external assessment may include operational or strategic comments. The qualified and independent external reviewer must: - Review the implementation of the Standards including the existence of a quality assurance process and the provision of consulting services, - Assess the efficiency and effectiveness of internal audit activity considering (a) its charter, (b) expectations of the Audit Committee, executive management, and the Chief Audit Executive (CAE), and (c) its current needs, exposures to performing at less than an effective level, and the future directions and goals of the organisation. - Identify opportunities and offer ideas and counsel to the CAE and staff for improving their performance. By implementing selected “successful practices”, the activity can add value to management and the Audit Committee and promote the image and credibility of the activity within the organization, - Review the internal audit activity’s involvement in the enterprise risk assessment process and preparation of the audit schedule. This would include assessing annual and long-range audit plans to see whether audit areas represent current and future business plan, strategy, exposures and operations, - Evaluate the organizational structure and approach used in auditing to determine whether resources are adequate to ensure proper audit coverage in all phases of the business. This will also include the information technology audit function. Further, we will comment on the background, mix and experience of staff, training scheduled and received and certifications, - Determine the perception of internal auditing through interviews and surveys with relevant members, executive management and internal audit customers. - Provide insights into their level of satisfaction with internal auditing services, along with appropriate suggested changes, - Examine internal auditing techniques and methodology for testing systems of control. - Identify ways to enhance policies and practices, as well as coordination with external auditors, - Provide an opinion as to whether the internal audit activity complies with the IIA’s International Standards for the Professional Practice of Internal Auditing and its Code of Ethics. (EN) add to Favorites
Customer: ONLINE TENDERS

Number: 109449816

Country: South Africa

Source: ONLINE TENDERS

30 jul
Proposals are hereby requested for the following: Provision of database security management solution for a period of five (5) years. Scope: Eskom requires a cloud-based or SaaS Database Security tool for a period of five (5) years. The cloud-based or SaaS Database Security tool must cater for the Eskom hybrid (on-premises, hybrid, and multiple cloud) environments, databases hosted on-prem and the cloud. The cloud-based or SaaS Database Security Management tool must include subscriptions fee, software licenses, onboarding assistance, maintenance, training, and support on an 24X7X365 (24/7/365) throughout the year for the duration of the contract: The Database Security Management tool must have the following capabilities, functionalities and features but not limited to: a) Security Assessment: The Database Security Management tool must provide security posture, risk profile of the entire database, database discovery, data discovery, data classification and security policy, b) Artificial Intelligence (AI) and Machine Learning (ML): The Database Security Management tool must be AI and ML-powered for event collection and analysis, c) Encryption and Key Management: The Database Security Management tool must encrypt data at rest with key management capability, d) Data Masking, Tokenisation and Sub-setting: The Database Security Management tool must be able to scan the entire database for sensitive data, mask, tokenise and subset sensitive data in nonproduction environments, e) Data Access Control: The Database Security Management tool must provide the following: i. Enforce separation of duties to control access based on security privileges, identify sensitive data, ii. Ensure that administrators can manage the database, but not access the sensitive data, f) Auditing and Monitoring: The Database Security Management tool must provide the following: i. Detect, analyse, and block threats in database activity, ii. Comply with the Center for Internet Security (CIS) benchmarks, the Defence Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) auditing requirements, iii. Provision audit policies that balance the need to monitor activity with the impact of collecting and storing audit data, iv. Monitor user activity with data, v. Simplify compliance reporting and help identify risky user behaviour, g) Audit Vault and Database Firewall: The Database Security Management tool must provide both audit vault and database firewall to provide the following: i. Assess database security posture, ii. Monitor privileged user activity, iii. Deny and block unauthorised access, iv. Provide useful, simplified logs to assist with the incident investigation, v. Provide continuous alerts on suspicious activity, vi. Provide simplified regulatory compliance reporting such as PCI DSS, GDPR and POPIA, h) Interoperability: The Database Security Management tool must support numerous and prevailing database management system (DBMS) technologies such as Microsoft (MS) structured query language (SQL), MySQL, SQLite, Redis DB, Oracle databases, IBM DB2, IBM NETEZZA, SAP HANA, MongoDB, Postgres, Cassandra, Neo4j DBMS, PostGIS, Elasticsearch DBMS, and MariaDB but not limited to these DBMS technologies, i) Integration to SIEM: The Database Security Management tool must be able to integrate with numerous and prevailing SIEM tools such as Splunk, and Sentinel but not limited to these SIEM tools, j) Integration to advanced AI and machine learning (ML) network monitoring solutions: The Database Security Management tool must be able to integrate numerous and prevailing AI and machine learning network monitoring solutions such as Darktrace but not limited to these tools listed, k) Integration to on-prem Identity Provider (IdP): The Database Security Management tool must be able to integrate with Eskom existing on-prem identity provider (IdP)for central user account management, to enable MFA and SSO, l) Self-hosted or on-prem and Cloud-based Databases: The Database Security Management tool must be able to scan both databases hosted on- prem and in the cloud, m) Process Control Network’s (PCN’s) or Operational Technology (OT) Databases: The Database Security Management tool must be able to scan databases that are placed on the PCN or OT networks, n) Agentless: The Database Security Management tool must be agentless, o) Reporting: The Database Security Management tool must simplify compliance reporting, users, administrators, and privileged user activity logs and help identify risky user behaviour. Training/Transfer of skills: a) Provide web-based or online training for Security Services Security Operation Centre (SOC) team to enable them to perform the scan, analyse, interpret the results, forward to the relevant stakeholders to remediate identified security vulnerabilities, b) Provide Database Security tool onboarding assistance, c) Mentor, transfer skills and knowledge to Eskom resources assigned to the project through the installation, configuration, testing, and deployment stages using a defined skills transfer program, d) Expert level training with relevant certification for the SOC team. Service Level Agreement requirements: The Service Provider must provide 24X7X365 (24/7/365) support and monitoring of the Database Security Management tool: a) The SOC team require 24X7X365 (24/7/365) support throughout the year, b) Security Services department requires 24X7X365 (24/7/365) monitoring of the Database Security tool, c) Security Services department requires MTTR (Mean time to resolve) of 4 hours, d) The availability of the SaaS solution must be 99.9%. (EN) add to Favorites
Customer: ONLINE TENDERS

Number: 108286183

Country: South Africa

Source: ONLINE TENDERS