--- title: "Provision of an ISO27001 Internal Auditor" ocid: "ocds-kuma6s-145666" canonical_url: "https://d3tenders.com/contract/?ocid=ocds-kuma6s-145666" markdown_url: "https://d3tenders.com/contract/ocds-kuma6s-145666.md" json_url: "https://d3tenders.com/contract/ocds-kuma6s-145666.json" source: "Sell2Wales" current_stage: "Tender" buyer: "SOCIAL CARE WALES" published: "2024-10-30" --- # Provision of an ISO27001 Internal Auditor Buyer: SOCIAL CARE WALES Current stage: Tender OCID: ocds-kuma6s-145666 [View canonical contract page](https://d3tenders.com/contract/?ocid=ocds-kuma6s-145666) [Download OCDS JSON](https://d3tenders.com/contract/ocds-kuma6s-145666.json) ## Summary Social Care Wales is inviting tenders for the provision of an ISO27001 Internal Auditor. This procurement, under the services category, aims to ensure the continued effectiveness and compliance of the organisation's Information Security Management System in line with the ISO 27001 standard. The procurement stage is currently at the tender phase, with key dates being the tender period's end on 27th November 2024 and the award period concluding by 19th December 2024. The open procurement method adopted indicates the process is accessible for various businesses to submit electronic responses, focusing on the Cardiff location. This tender presents growth opportunities for businesses specialising in information security, auditing, and ISO27001 compliance. It is particularly suitable for firms with experience in conducting independent internal audits, evaluating ISMS documentation, and assessing compliance with ISO standards. Companies that can assemble consortia may also find this contract advantageous, given its relevance to both national and regional authorities. The requirements to prepare reports, present findings to senior management, and follow up on audit recommendations highlight the potential for continuous engagement and long-term cooperation with Social Care Wales. ## Notice IntroductionISO 27001 is an internationally recognised standard for managing and maintaininginformation security within businesses. It outlines the requirements for an information security management system (ISMS), and provides a framework for establishing, implementing, maintaining and continually improving business information security.Social Care Wales has held ISO 27001:2013 certification since 2008, achieving our most recent triennial recertification in April 2024. We are amid transitioning to the 27001:2022 standard and are due to transition in February 2025.What is required / 'The Requirements'We are seeking the provision of an ISO 27001 Internal Auditor to evaluate and ensure the continued effectiveness and compliance of our Information Security Management System (ISMS) in accordance with the ISO 27001 standard.The audit should be performed independently and aligned with the requirements of the ISO IEC 27001:2013 (ISO 27001) standard.The Internal Auditor will:- Prepare and agree an ISMS audit scope and engagement letter with Social Care Wales;- Review and assess the ISMS documentation, including policies, procedures, and controls in line with the standard;- Plan and execute internal audits, including the preparation of audit plans and schedules;- Interview relevant personnel and gather evidence to assess compliance and effectiveness;- Evaluate the implementation of risk assessments and treatment plans;- Analyse audit findings and prepare detailed reports outlining strengths, weaknesses, and recommendations for improvement;- Present findings to senior management and relevant stakeholders;- Follow up on previous audit findings to ensure corrective actions have been implemented;- Follow through any external certification audit findings and remedial actions received by Social Care Wales.Please see Specification for more detailNOTE: To register your interest in this notice and obtain any additional information please visit the Sell2Wales Web Site at https://www.sell2wales.gov.wales/Search/Search_Switch.aspx?ID=145666.The buyer has indicated that it will accept electronic responses to this notice via the Postbox facility. A user guide is available at https://www.sell2wales.gov.wales/sitehelp/help_guides.aspx.Suppliers are advised to allow adequate time for uploading documents and to dispatch the electronic response well in advance of the closing time to avoid any last minute problems. (WA Ref:145666)The buyer considers that this contract is suitable for consortia bidding. ## Key Details | Field | Value | | --- | --- | | Publication source | Sell2Wales | | Latest notice | https://www.sell2wales.gov.wales/search/search_switch.aspx?ID=145666 | | Notice type | S2W Notice - Website Invitation to Tender Notice | | Procurement type | Standard | | Procurement category | Services | | Procurement method | Open | | Procurement method details | Not specified | | Tender suitability | Not specified | | Awardee scale | Not specified | | All stages | Tender | ## Dates | Field | Value | | --- | --- | | Publication date | 30 Oct 2024 | | Submission deadline | 27 Nov 2024 | | Future notice date | Not specified | | Award date | Not specified | | Contract period | Not specified | | Recurrence | Not specified | ## Values | Field | Value | | --- | --- | | Tender value | Not specified | | Lots value | Not specified | | Awards value | Not specified | | Contracts value | Not specified | ## Status | Field | Value | | --- | --- | | Tender status | Not specified | | Lots status | Not specified | | Awards status | Not specified | | Contracts status | Not specified | ## Buyer | Field | Value | | --- | --- | | Main buyer | SOCIAL CARE WALES | | Locality | CARDIFF | | Post town | Cardiff | | Postcode | CF10 1EW | | Country | Wales | | ITL 1 | TLL Wales | | ITL 2 | TLL5 South East Wales | | ITL 3 | TLL52 Cardiff and Vale of Glamorgan | | Local authority | Cardiff | | Electoral ward | Cathays | | Westminster constituency | Cardiff South and Penarth | | Delivery location | Not specified | ## CPV Codes ### Divisions - 72 - IT services: consulting, software development, Internet and support - 79 - Business services: law, marketing, consulting, recruitment, printing and security ### Codes - 72810000 - Computer audit services - 79212000 - Auditing services - 79212200 - Internal audit services ## Release History - 30 Oct 2024 at 15:46 - Tender - S2W Notice - Website Invitation to Tender Notice - https://www.sell2wales.gov.wales/search/search_switch.aspx?ID=145666 ## Documents - https://www.sell2wales.gov.wales/Notice/Download/DocumentDownload.aspx?id=OCT493716&idx=13 30th October 2024 - Atodiad 6 - Ffurf y Tendr - https://www.sell2wales.gov.wales/Notice/Download/DocumentDownload.aspx?id=OCT493716&idx=14 30th October 2024 - Appendix 6 - Form of Tender - https://www.sell2wales.gov.wales/Notice/Download/DocumentDownload.aspx?id=OCT493716&idx=15 30th October 2024 - Social Care Wales - Terms and COnditions - https://www.sell2wales.gov.wales/Notice/Download/DocumentDownload.aspx?id=OCT493716&idx=1 30th October 2024 - Gwahoddiad i Dendro a Manyleb - https://www.sell2wales.gov.wales/Notice/Download/DocumentDownload.aspx?id=OCT493716&idx=2 30th October 2024 - Invitation to Tender and Specification - https://www.sell2wales.gov.wales/Notice/Download/DocumentDownload.aspx?id=OCT493716&idx=3 30th October 2024 - Atodiad 1 - Holiadur Cyn Cymhwyso - https://www.sell2wales.gov.wales/Notice/Download/DocumentDownload.aspx?id=OCT493716&idx=4 30th October 2024 - Appendix 1 - Pre Qualification Questionnaire - https://www.sell2wales.gov.wales/Notice/Download/DocumentDownload.aspx?id=OCT493716&idx=5 30th October 2024 - Atodiad 2 - Dogfen Ymateb Materion Technegol / Ansawdd - https://www.sell2wales.gov.wales/Notice/Download/DocumentDownload.aspx?id=OCT493716&idx=6 30th October 2024 - Appendix 2 - Technical / Quality Response Document - https://www.sell2wales.gov.wales/Notice/Download/DocumentDownload.aspx?id=OCT493716&idx=7 30th October 2024 - Atodiad 3 - Dogfen Ymateb Materion Ariannol / Prisio - https://www.sell2wales.gov.wales/Notice/Download/DocumentDownload.aspx?id=OCT493716&idx=8 30th October 2024 - Appendix 3 - Financial / Pricing Response Document - https://www.sell2wales.gov.wales/Notice/Download/DocumentDownload.aspx?id=OCT493716&idx=9 30th October 2024 - Atodiad 4 - Canllawiau ton llais Gofal Cymdeithasol Cymru - https://www.sell2wales.gov.wales/Notice/Download/DocumentDownload.aspx?id=OCT493716&idx=10 30th October 2024 - Appendix 4 - Social Care Wales' tone of voice guidelines - https://www.sell2wales.gov.wales/Notice/Download/DocumentDownload.aspx?id=OCT493716&idx=11 30th October 2024 - Atodiad 5 - Canllawiau brandio Gofal Cymdeithasol Cymru - https://www.sell2wales.gov.wales/Notice/Download/DocumentDownload.aspx?id=OCT493716&idx=12 30th October 2024 - Appendix 5 - Social Care Wales' branding guidelines ## Notice URLs - http://www.sell2wales.gov.wales - http://www.socialcare.wales - https://www.sell2wales.gov.wales/Search/Search_Switch.aspx?ID=145666.The - https://www.sell2wales.gov.wales/sitehelp/help_guides.aspx.Suppliers ## Provenance This Markdown file is an alternate public rendering of the D3 Tenders contract record. The canonical page is https://d3tenders.com/contract/?ocid=ocds-kuma6s-145666. The underlying structured data is available as OCDS JSON at https://d3tenders.com/contract/ocds-kuma6s-145666.json.