JavaScript Disabled

This site requires JavaScript Enabled to function properly. Please enable JavaScript or use a different browser that has JavaScript enabled.

Buying For Victoria
Skip to main content

Display Tender C11506 ATN 

If it's a selective tender, only the person that received the email notification and was invited to view the tender, can view and access it.

Use the forgot password feature, to access your account credentials at

Cyber Controls Audit   
Issued By Department of Health
Advanced Tender Notice
C11506 ATN
Contract Number
Estimated Advertising Date:
20 September 2022 05:00 pm
Information Technology Broadcasting and Telecommunications


Other Contacts


Cyber Controls Audit

The Department of Health (DH) Digital Health Branch is seeking suitably qualified invitees to conduct an independent audit of the health sector’s cyber security posture and assessing the compliance against the baseline cyber security controls. This will instil the confidentiality, availability, and integrity of the data, identify any significant risks and non-compliance to the baseline cyber security controls. This will also identify the problem areas across the health sector infrastructure and systems.

The objective of this project and the required outcome is:

  • Perform a comprehensive analysis of the Health Service ICT Health Alliance self assessment of Digital Health’s Cybersecurity Framework controls ensuring self rating is accurate.
  • Perform a comprehensive analysis of the documents and evidence that were collected during the self-assessment to ensure compliance with the baseline cyber security controls.
  • Provide an assessment report along with an action plan for the health sector’s cyber security posture based on the auditing of the evidence gathered as part of the self-assessment.
  • To complete scope of works and produce deliverables within eight months of commencement date.

The scope of this procurement includes:

  • A cybersecurity assessment at each health service and ICT Health Alliance in accordance with Digital Health’s Cybersecurity Framework and assessment template. 
  • Report the current level of cybersecurity maturity and compliance as per the Digital Health Cybersecurity Framework.
  • 25 health organisations across the state of Victoria in scope for independent assessment.
  • The assessment period will be October 2022 – April 2023

 RFQ Release Date / Process

Proposals will be sought via the Whole of Victorian Government (WOVG) eServices Register in September 2022.  Proposals will be due within approximately two weeks of the release date.

Parties interested in receiving a copy of the RFQ documents should:

  1. Express an interest in receiving the RFQ by email to [email protected] ATT: Kirsty Lancaster; and
  2. If your organisation is not a current member of the WOVG eServices Register, ensure that you complete the supplier registration process as soon as possible.  A link to the eServices registration form can be found here:

The Department will issue the RFQ documentation via the eServices Register / Vendor Panel system on the release date to all providers who have complied with the above. 


  • Providers are encouraged to register interest as soon as possible. The Department will not be in a position to provide extensions to the RFQ closing date on the basis of late registrations.
  • A range of eServices Register (VendorPanel) training videos, including a video on how to register, are available at the following link: