AUSTRALIAN Digital Health Agency is seeking a security consultant to plan, design, develop and conduct a desktop cyber security real-time critical incident exercise.
The desktop exercise should invoke the security incident management process for the My Health Record System, including all parties involved in a significant cyber security incident.
1. Designing desktop exercise:
* Project management plan
* Scoping of incident triggering appropriate incident response.
* Identification of key stakeholders.
* Design realistic cyber security incident on the My Health Record System.
* Define metrics to assess the effectiveness of the response process.
2. Conduct the exercise
* Managing injects as appropriate.
* Preventing exercise escape.
* Providing situation updates.
* Moderating discussions.
* Documenting the exercise conduct.
3. Close Out report:
* Detail response process, gaps, findings and areas of improvement to the incident response process.
* Document observations and key findings.
The tender closes on August 16, 2017. ♦
