Network and Information Security (NIS) Audit Services for HSCNI
- Business Services Organisation (BSO) Procurement and Logistics Service (PaLS).
Procurement identifier (OCID): ocds-h6vhtk-0559e2
Description
An Assured Audit Service Provider from the National Cyber Security Centre (NCSC) Cyber Resilience Audit Scheme is to complete an on-site Network and Information Security (NIS) Compliance Audit of the essential service and supporting network and information systems. The objective of the NIS Audit Services is to assist the NIS Competent Authority (CA) in assessing the OES level of compliance with regulation 10 of the Network and Information Systems Regulations 2018.
The Compliance Audit will use the (NCSC) Cyber Assessment Framework (CAF) which determines the minimum standard expected from the OES. Assessment will be made against each Contributing Outcome and associated Indicators of Good Practice (IGP) and "Not Good" practice as outlined in the CAF.
The scope of the NIS Compliance Audit is to be against the OES essential service, as defined by the OES. This will encompass all critical network and information systems and processes necessary for the continued delivery of the essential service.
Notices
UK4: Tender notice
- Notice identifier
- 2026/S 000-018049
- Published
- 27 February 2026, 3:21pm
UK2: Preliminary market engagement notice
- Notice identifier
- 2025/S 000-037752
- Published
- 7 July 2025, 1:27pm