CENTRAL BANK OF NIGERIA
REQUEST FOR SUBMISSION OF PROPOSAL: PROJECT MANAGEMENT CONSULTANCY FOR THE PAYMENT SYSTEM SECURITY & RISK MANAGEMENT CENTER (PSSRMC)
Cyber-attacks have increased in frequency and sophistication, resulting in significant challenges for the Nigerian Payment System and its participating organizations that must defend data and infrastructure from attacks by capable adversaries These adversaries compromise systems, disrupt financial services, commit financial fraud, and expose or steal intellectual property and other sensitive information. Given the risks these threats present, it is increasingly important that participating organizations share cyber threat information and use it to improve the cyber defenses of the Nigerian Payment System.
The Nigerian Payment System is the interconnected set(s) of information resources and information systems under the regulatory authority of the Central Bank of Nigeria (CBN), which enables and facilitates electronic financial transactions, and includes the institutions, instalments, people, rules procedures, standards, and technologies, which make such exchange(s) possible. The participating organizations include operators and providers of payment services.
The CBN setup a Project Steering Committee (Committee)to guide and monitor the establishment of a Payment System Security & Risk Management Center (PSSRMC), and the CBN approved acquiring the services of a Project Manager (Consultant) to lead the planning and execution of the Center.
To bolster cyber defenses and enhance incident response actions, the Payment System Security & Risk Management Center must harness the collective knowledge of participating organizations in the Nigerian Payment System, primarily through information sharing and coordinated incident response.
Through the exchange of cyber threat information at the Center, participating organizations can leverage collective knowledge, experience, and security capabilities to gain a more complete understanding of the threats they face. Using this knowledge, participating organizations will make threat-informed decisions regarding defensive capabilities, threat detection techniques and mitigation strategies provided by the Center. By correlating and analyzing cyber threat information from multiple sources, the Center will enrich existing information and make it more actionable. Participating organizations that receive information and subsequently remediate a threat will confer a degree of protection to other members of the Nigerian Payment System by impeding the ability for a threat to spread Additionally, sharing of cyber threat information will enable the Center to detect campaigns that target the Nigerian Payment System, or particular participating organizations.
3.0 SCOPE OF WORK & RESPONSIBILITIES
The Project Manager (Consultant) will be responsible for achieving the following tasks.
3.1 PROJECT MANAGEMENT ADMINISTRATION
Provide applied knowledge, skills, tools, and techniques to project activities to meet all requirements of the Committee and the Center.
3.1.1 PROJECT INTEGRATION
• Identify, define, combine, unify, and. coordinate all activities of the Committee
• Manage internal and external stakeholders expectations and requirements
3.1.2 PROJECT SCOPE, TIME & QUALITY
• Ensure project includes all work required, and only work required, for the Center
• Ensure timely completion of all project activity and deliverables
• Ensure that the project will satisfy the needs for which it was undertaken
3.1.3 PROJECT COST
• Coordinate planning, estimating, budgeting, financing, funding, managing, and controlling costs and ensure project cost are within an approved budget
3.1.4 PROJECT HUMAN RESOURCES
• Organize project management team, assign roles and responsibilities for the project
3.1.5 PROJECT COMMUNICATIONS
• Ensure planning, collection, creation, distribution, storage, retrieval. management control, monitoring, and the ultimate disposition of project information
3.1.6 PROJECT RISK
• Conduct project risk management planning, assessment, response, and monitoring
• Manage the likelihood and impact of positive and of negative events in the project
3.1.7 PROJECT STAKEHOLDER MANAGEMENT
• Identify people, groups, and organizations that could affect the project and analyze stakeholder expectations and their impact on the project
• Develop appropriate management strategies for effectively engaging stakeholders in project decisions and execution
3.2 SECURITY & RISK MANAGEMENT ADVISORY
Provide non-binding strategic advice to the Committee for the design, development and operation of the Centerbased on careful review and analysis of global best practice and standards for payment systems, information security, and risk management
3.3 TECHNICAL PARTNER SELECTION
In coordination with the Committee, conduct the selection process for retaining the professional services of a Technical Partner. Project Manager will be required to prepare and issue RFP, establish RFP scoring guidelines, and manage the technical evaluation of proposals.
3.4 ADMINISTRATIVE SUPPORT
Serve as the secretariat to the Committee to ensure appropriate governance structure conduct within the regulatory environment, perform company incorporation responsibilities, provide reports to stakeholders, and manage contact with external bodies In addition, perform other administrative responsibilities necessary for the efficient administration of the Committee.
The consultant must provide the following to the Committee:
1 Project Charter & Project Management Plan
2. Project Funding Requirements & Cost Management Plan
3. Protect Risk Management Plan & Stakeholder Register
4 Technical Partner RFP & Agreement
5. All Project Records
4.0 GENERAL REQUIREMENTS:
Interested and competent vendors are hereby invited to submit their proposals which must include the following documents for verification.
a) Evidence of certificate of incorporation and registration with the Corporate Affairs Commission (CAC)
b) Certified tore copy of memorandum and article of association.
c) Evidence of Company Tax clearance certificate for the last three (3) years (2013. 2014 and 2015) as at when due.
d) Comprehensive company profile including registered office, functional contact email address, GSM phone number(s) and facsimile numbers)
e) Verifiable evidence of similar jobs successfully executed in the past
f) Reference letter from a Bank stating the financial ability of the Vendor to carry out such project(s)
g) Current company’s audited statement of accounts
h) Current Pension Clearance Certificate from PENCOM.
i) Evidence of compliance Certificate with provision of section 6(1 )(3) of the amended Industrial Training Fund (ITF)Act No.19 of 2011
j) Evidence of registration with Financial Reporting Council (FRC)
k) An Interim Registration Report (IRR) as evidence of registration on the National Database of contractors, consultants and service providers.
I) An affidavit disclosing whether or not any officer of the Central Bank of Nigeria or Bureau of Public Procurement is a former or present director, shareholder or has any pecuniary interest in the company.
5.0 SPECIFIC REQUIREMENTS
Details are contained in the Request for Proposal (RFP) and Bidding Document.
6.0 COLLECTION OF BID DOCUMENTS
Interested Service Providers who possess the above minimum requirements may collect the bidding documents on the payment of a non-refundable fee of N10.000.00 (Bank Draft in favour of Central Bank of Nigeria) from:
Major Contracts Tenders Committee
2nd Floor, Wing C
CBN Head Office Complex.
Central Business District
Abuja, FCT Nigeria.
Phone No: 09-462-37216
Kindly submit your signed and wax-sealed bids to the address below:
Major Contracts Tenders Committee
2nd Floor, Wing C. CBN, Head Office Complex
Central Business District, Abuja
Failure to sign and seal your bid as required may cause your bid to be deemed non-responsive, and the CBN will not be responsible for non-receipt of a bid that is incorrectly addressed or identified. In addition, partial bids, i.e. bids which do not cover all the essential requirements of the CBN as specified in this document will be treated as non-responsive and will be rejected
8.0 CLOSING DATE:
All submission must be received at the above Office not later than 12:00 Noon on 23rd May, 2017
9.0 OPENING DATE:
The prequalification and Technical Proposal will be opened immediately, after close of submission of the bid on 23rd May, 2017.
10.0 IMPORTANT NOTICE
• Only the successful company (ies) will be notified formally
• Nothing in the advert shall be construed to be a commitment on the part of the CBN
For further information, please contact: 07002255226