Tender Details
Expression of Interest - Operational Technology (OT) Vulnerability Management
Business Name
Seqwater
VP Reference #
VP456282
Buyers Reference #
06164
Opens
Thursday 17 April 2025
(E. Australia Standard Time)
Closes
Tuesday 06 May 2025 02:00 PM
(E. Australia Standard Time)
CLOSED
Supplier query cut-off
Thursday 01 May 2025 02:00 PM
(E. Australia Standard Time)
Expected decision
Tuesday 13 May 2025
(E. Australia Standard Time)
Buyer Details
Business Name
Seqwater
Location
133 Mary St
Brisbane City, Queensland 4000
Australia
WebSite:
https://www.seqwater.com.au/
Business Info
Water is essential for life.
Seqwater is the Queensland Bulk Water Supply Authority responsible for delivering safe, secure and cost-effective bulk water supply for more than three million people across South East Queensland. We also:
* provide essential flood mitigation services
* manage catchment health and offer community recreation facilities
* provide water for irrigation to about 1,200 farmers across seven water supply schemes.
Seqwater is one of the largest water businesses with the most geographically spread and diverse asset base of any capital city water authority. Our operations extend from the New South Wales border to the base of the Toowoomba ranges.
Contact Details
The buyer has elected to have their personal and contact details hidden. These details will be revealed at the buyers discretion.
What the buyer is requesting
Details
The procurement for this project will be undertaken via a two (2) stage procurement process comprising of:
Stage 1: Expression of Interest (EOI) advertised to Operational Technology (OT) Vulnerability Management product specialists.
Stage 2: Select Request for Quote (RFQ) based on shortlisted EOI respondents
Refer to attached EOI Part 1 for Scope details.
Background information / Compatibility requirements
Details
Seqwater wishes to engage a suitably experienced and resourced Supplier who can provide vulnerability management solutions to address patching for Seqwater’s operating system within its Operational Technology (OT) Control systems.
Implementing a vulnerability management program provides a valuable opportunity to enhance cybersecurity, improve operational efficiency, and achieve a Maturity Level of 3.2 under the National Institute of Standards and Technology (NIST) Cybersecurity Framework 2.0, as well as Maturity Level 1 under the Australian Signals Directorate (ASD) E8 framework. This initiative will address issues such as inconsistent infrastructure patching, security risks, and non-compliance. By doing so, Seqwater will not only be better protected against emerging threats but also ensure alignment with government cybersecurity compliance requirements.
Desired Outcomes ('Nice to haves', Conditions & Warranties, SLA's, Project benefits)
Details
Any resulting contract shall be governed by the Terms and Conditions of the Queensland Information Technology Contracting (QITC) framework.
Supplier lists selected
Lists
IT & Telecomms
Categories selected
Categories
IT & Telecomms
1: Hardware - Infrastructure
2: Hardware - Networking Products
3: IT Services
4: Services - Architecture & Design
5: Services - Cloud Services
6: Services - Consultants
7: Services - Industry Sector Expertise
8: Services - Internet of Things (IOT)
9: Services - Maintenance Agreements
10: Services - Networks
11: Services - Security Management
12: Services - Software Support & Maintenance
13: Services - Support
14: Software - SaaS
Regions of Service
Locations
Queensland
1: Brisbane
All Regions of Service locations are within Australia.
Information requested by others
23/Apr/2025 01:44 PM
Question
:
Hi
Could you please clarify anticipated release date for Stage 2 Request for Quote (RFQ) to shortlisted EOI respondents.
The anticipated schedule on page 31/33 Part 1/2 section 1.4.has an anticipated contract award date of 2 June 2025
The EoI expected decision date is 13/05/25
I appreciate all dates quoted are anticipated.
thank you
Answered on 24/Apr/2025 09:50 AM
:
Good morning,
Dates listed within the RFQ package are anticipated dates. Pending responses provided, we hope to release the Stage 2 Request for Quotation package by mid-May.
Kind regards
24/Apr/2025 01:39 PM
Question
:
1. The top-level requirements found in Section 1.2 of the EoI doc refers to a minimum objective to create and deliver a Patch Deployment Framework, however the detailed requirements specification does not stipulate any functional requirements which relate to this objective. Are there any details that SEQ can share with respect to patching requirements and current processes? (EOI Part 1 of 2, Section 1.2 Anticipated Scope)
2. The first mandatory criterion requires compliance to the following standards and evidence of each: Essential 8 and NIST 800-82. Is the requirement to comply specific to the SaaS solution or the integration & managed services partner? Or both? (EOI Part 2 of 2, Section 6 Mandatory Criteria)
Answered on 24/Apr/2025 04:21 PM
:
Please refer to Clarification 02
24/Apr/2025 03:52 PM
Question
:
Hi team,
May we please have assistance with the below questions:
1. What is your current SIEM solution?
2. What is your current IT vulnerability management tool?
3. What are your current firewalls?
4. What is your current PAM solution
Answered on 24/Apr/2025 04:21 PM
:
Please refer to Clarification 02
Updates made to this Request
22/Apr/2025 02:45 PM
Please note: The following addendum has been recently added.
1. Added: (Addendum) 06164 - OT Vulnerability Management Clarification 01.pdf
Please consider this addendum when responding.
24/Apr/2025 04:20 PM
Please note: The following addendum has been recently added.
1. Added: (Clarification) 06164 - OT Vulnerability Management Clarification 02.pdf
Please consider this clarification when responding.
30/Apr/2025 01:42 PM
Please note: The following addendum has been recently added.
1. Added: (Addendum) 06164 - OT Vulnerability Management Clarification 03.pdf
Please consider this addendum when responding.