Changeflow GovPing Banking & Finance RFP - Independent IT Security Audit for Egmont ...
Routine Notice Added Final

RFP - Independent IT Security Audit for Egmont Group Secretariat

Favicon for egmontgroup.org Egmont Group News
Detected April 7th, 2026
Email

Summary

The Egmont Group Secretariat issued a Request for Proposals inviting qualified vendors to conduct an independent external security audit of its IT system. The audit will assess compliance with Egmont Group security, confidentiality, and access control requirements. The IT infrastructure is built on Microsoft Entra ID, Microsoft 365, and Microsoft Azure platforms.

View original document View source feed page

What changed

The Egmont Group Secretariat has released an RFP for an independent external security audit of its IT system. The scope includes assessment of security controls, confidentiality measures, and access control requirements across Microsoft Entra ID, Microsoft 365, and Microsoft Azure platforms. Vendors must demonstrate capability to evaluate secure communications, controlled access, and encrypted data handling.

This procurement action is administrative in nature and does not create compliance obligations for regulated entities. The RFP affects potential bidders in the IT security audit and cybersecurity consulting space. Other stakeholders are not directly impacted by this solicitation.

What to do next

  1. Review RFP requirements and submission guidelines
  2. Prepare and submit proposal if qualified to perform IT security audits
  3. Ensure proposal demonstrates expertise in Microsoft Entra ID, M365, and Azure security assessment

Source document (simplified)

The official version of the website is the English version. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, or correctness of any translations made from English into any other language.

Select Language

English Spanish French Arabic
- About
- Organization and Structure
- Egmont Group Funding
- ECOFEL
- Leadership
- Financial Intelligence Units
- Money Laundering and Terrorist Financing
- News and Events
- Working Groups
- The Information Exchange Working Group (IEWG)
- The Membership, Support and Compliance Working Group (MSCWG)
- The Policy and Procedures Working Group (PPWG)
- The Technical Assistance and Training Working Group (TATWG)
- Members by Region
- Member FIU Information
- Become a Member
- Affiliates
- Become an Observer
- Resources
- Careers

News and Events

Request for Proposals: Independent IT Security Audit for the Egmont Group Secretariat > News and Events

Request for Proposals: Independent IT Security Audit for the Egmont Group Secretariat

The Egmont Group Secretariat (EGS) invites qualified vendors to submit proposals to conduct an independent external security audit of the Egmont Group IT system. The audit will assess compliance with Egmont Group security, confidentiality, and access control requirements.

The IT system is built on Microsoft Entra ID, Microsoft 365, and Microsoft Azure, supporting secure communications, controlled access, and encrypted data storage.

Scope of the Audit

The External Security Audit must include:

  • Manual testing, including external penetration testing in line with Microsoft Cloud Penetration Testing Rules of Engagement
  • Technical configuration and automated security assessments
  • Risk analysis of threats such as malware, viruses, and phishing A core requirement is that only designated users may access system data. Administrators, third parties, and service providers must not have access.

The audit will focus on:

  • Identity and access management and audit trails
  • Key generation and key management
  • Virtual machine access controls
  • End‑to‑end encryption and secure data storage
  • Hardware Security Module hardening
  • Compliance gap analysis against NIST, ISO/IEC 27001, and other applicable standards Deliverables must include documented findings, recommendations, and a proposed Plan of Action.

Timeline

The audit, including the final report, must be completed within three weeks of project kick‑off. A minimum of two draft review rounds is required.

Proposal Requirements

Proposals must include:

  • Scope of work and project plan
  • Fees, currency, timeline, and payment schedule
  • CVs demonstrating at least five years of relevant experience
  • Relevant security certifications
  • Proof of appropriate security clearance
  • Bios of all staff conducting the audit
  • Examples of similar work for government or security‑sensitive organizations All audit staff must be directly employed by the vendor.

Submission Details

Proposals must be submitted in English to ESAProposal[at]egmontsecretariat.org by 13 March 2026.

Email subject line:
EG IT System – External Security Audit

Only the selected vendor will be contacted for further discussions.

If this aligns with your organization’s expertise, we encourage you to submit a proposal.

For more information, download the request for proposals: RfP EG IT System – External Security Audit

FAQs
Contact Us
Egmont Group Membership Applications

Fraud Alert

The Egmont Group is a membership based international organization and does not solicit public funds for its operations.

March 23, 2021

The Egmont Group has been made aware of attempts to misuse its name for fraudulent or illegitimate purposes. Please note

Learn More © 2026 The Egmont Group


Back to Top of Page

Related changes

Favicon for egmontgroup.org Job Opportunity: Finance and Administrative Manager, Brussels
Routine Apr 07, 2026 Egmont Group News Banking & Finance
Favicon for egmontgroup.org Egmont Group Participates in Fifth FATF Plenary, Advancing Cooperation and Training
Routine Apr 07, 2026 Egmont Group News Banking & Finance
Favicon for egmontgroup.org OECD Global Anti-Corruption and Integrity Forum 2026 | Paris
Routine Apr 07, 2026 Egmont Group News Banking & Finance
Favicon for changeflow.com SEC 8-K Cybersecurity Incident Filings - Material Incident Disclosures
Routine Apr 07, 2026 ChangeBridge: Patent Grants - AI & Computing (G06N) Telecom & Technology
Favicon for www.finra.org FINRA Launches Financial Intelligence Fusion Center for Cybersecurity Threat Sharing
Routine Apr 07, 2026 FINRA News Releases Banking & Finance
Favicon for www.fcc.gov FCC Announces May Cybersecurity Workshops
Routine Apr 07, 2026 FCC Headlines Telecom & Technology

Source

Favicon for egmontgroup.org
Egmont Group News egmontgroup.org/news-and-events
Banking & Finance
Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
Egmont Group
Instrument
Notice
Legal weight
Non-binding
Stage
Final
Change scope
Minor

Who this affects

Applies to
Government agencies Technology companies
Industry sector
5112 Software & Technology
Activity scope
IT security audit services Cybersecurity consulting Technology procurement
Geographic scope
European Union EU

Taxonomy

Primary area
Cybersecurity
Operational domain
Procurement
Topics
Government Contracting Anti-Money Laundering

Browse Categories

Agriculture & Food Safety 63 AI Regulation 3 Banking & Finance 287 Consumer Protection 44 Courts & Legal 361 Data Privacy & Cybersecurity 74 Defense & National Security 52 Education 20 Energy 101 Environment 85 Environmental Permits 1 Environmental Regulation 13 Government & Legislation 278 Healthcare 136 Housing 16 Immigration 9 Insurance 58 Labor & Employment 113 Legislative 1 Pharma & Drug Safety 104 Public Health 3 Securities & Markets 104 Securities Regulation 14 Tax 66 Telecom & Technology 47 Trade & Sanctions 124 Transportation 57

Get Banking & Finance alerts

Weekly digest. AI-summarized, no noise.

Free. Unsubscribe anytime.

Get alerts for this source

We'll email you when Egmont Group News publishes new changes.

Optional. Personalizes your daily digest.

Free. Unsubscribe anytime.