GEM

Delhi Jal Board Vulnerability Testing Tender Web & Mobile Apps 2025 – OWASP Top 10, IS/IT Security Audit

Posted

28 Oct 2025, 02:05 pm

Deadline

08 Nov 2025, 05:00 pm

Value

₹5,00,000

Location

CENTRAL DELHI , DELHI

Progress

Issue28 Oct 2025, 02:05 pm
AwardPending
Explore all 4 tabs to view complete tender details

Quantity

1

Bid Type

Two Packet Bid

Categories 2

WEB SECURITY AUDIT

Tender Overview

  • Delhi Jal Board seeks security testing services for web applications, mobile applications, and GAP ANALYSIS; Application Security Audit (OWASP Top 10) with an estimated contract value of ₹5,00,000. Scope is defined by vulnerability assessment and security gap analysis, with no BOQ items published. The buyer requires the service provider to have a local office in the consignee state (Delhi) and to adhere to the supplier documentation outlined in the ATC. A quantity/duration adjustment up to 25% is permissible at contract issue and post-issuance, binding bidders to accept revised scope. This tender emphasizes real-time risk reduction for government digital services.

Technical Specifications & Requirements

  • Product/service category: Vulnerability testing, web & mobile application security assessment, and OWASP Top 10 audit.
  • Standards & certifications: At minimum, reference to OWASP Top 10 framework; no other standards listed in the data. Ensure audit deliverables cover injection, auth, broken access controls, sensitive data exposure, and misconfigurations per OWASP guidance.
  • Delivery/installation: No explicit delivery window provided; bidders must align with Delhi Jal Board expectations and ATC within contract period. Service provider must have a local Delhi office and provide an escalation matrix for service support.
  • Experience/qualification: Documentation must show ability to perform application security testing on government-like environments; ensure capability to deliver end-to-end vulnerability reports and remediation recommendations.
  • Support & warranties: Post-assessment support and remediation guidance should be included as part of the deliverables (per standard security audit practice).

Terms, Conditions & Eligibility

  • EMD/guarantee: Not specified in the available data.
  • Contract flexibility: Quantity or duration may be increased up to 25% at the time of contract issuance and thereafter.
  • Local presence: Office of the service provider must be located in the state of the consignee (Delhi) with documentary evidence.
  • Escalation: Provide an Escalation Matrix with telephone numbers for service support.
  • Documentation: Upload all certificates and documents sought in the Bid document, ATC, and corrigenda; otherwise risk rejection.
  • Delivery terms: No explicit payment terms or milestones listed in the data; bidders should anticipate standard government payment practices after deliverables review.

Key Specifications

  • Product/service names: vulnerability testing, web & mobile application security assessment, OWASP Top 10 audit

  • Estimated value: ₹5,00,000

  • Location constraint: Delhi; local office evidence required

  • Standards: OWASP Top 10 audit (no additional standards specified)

  • Delivery: align with contractual timeline; no explicit deadlines provided

Terms & Conditions

  • 25% quantity/duration adjustment allowed at contract issue and post-issuance

  • Local Delhi presence with documentary proof mandatory

  • Escalation matrix required for service support

  • Submission of all certificates/documents per ATC and corrigenda

  • EMD details not provided in the data

Important Clauses

Payment Terms

Not explicitly defined in the provided data; bidders should expect government standard terms after deliverable acceptance.

Delivery Schedule

No explicit delivery window; bidders to align with Delhi Jal Board timelines once contract is issued.

Penalties/Liquidated Damages

Not specified in available data; bidders should plan for standard SLA-based penalties per ATC.

Bidder Eligibility

  • Experience in performing vulnerability testing and OWASP Top 10 audits for web and mobile apps

  • Evidence of a local office in Delhi with verifiable address

  • Submission of all mandatory certificates and documents as per bid terms

AI-Powered Bidder Prediction

Companies most likely to bid

Unlock Bidder Insights

AI predictions on likely bidders

Required Documents

1

GST registration

2

Permanent Account Number (PAN) card

3

Experience certificates for prior vulnerability testing projects

4

Financial statements demonstrating capacity to undertake ₹5,00,000 contract

5

EMD/Security deposit if mandated in ATC

6

Technical bid documents showing methodology for OWASP Top 10 audit

7

OEM authorizations or partner certificates if required

Frequently Asked Questions

How to bid for Delhi Jal Board vulnerability testing tender in Delhi 2025?

Bidders must meet eligibility criteria including local Delhi presence, submit GST/PAN, and provide prior OWASP Top 10 assessment experience. Include technical methodology, audit report samples, and escalation contacts. Ensure all certificates listed in the ATC are uploaded with the bid submission.

What documents are required for vulnerability testing bid in Delhi?

Required documents include GST registration, PAN card, experience certificates for similar audits, financial statements proving capacity for ₹5,00,000, and technical bid detailing OWASP Top 10 approach; upload all ATC-corroga documents to avoid rejection.

What are the technical specifications for OWASP Top 10 audit in Delhi tender?

The scope covers vulnerability assessment of web and mobile apps with OWASP Top 10 focus; deliverables must include risk ratings, remediation recommendations, and a final report addressing injection, authentication, access controls, data exposure, and misconfigurations per OWASP guidelines.

What is the delivery timeline for Delhi Jal Board security testing contract?

The data provides no explicit deadline; bidders should expect alignment with contract issuance timelines and state procurement processes; include a clear delivery plan and milestones in the technical bid.

What are the eligibility criteria for Delhi government security audits?

Eligibility requires local Delhi office presence, prior OWASP Top 10 audit experience, ability to provide escalation contacts, and submission of required documents such as GST, PAN, and experience certificates demonstrating successful projects.

What is the scope of the 25% quantity/duration adjustment clause?

The buyer may adjust contract quantity or duration by up to 25% at contract issue and post-issuance; bidders must accept revised quantity or duration, ensuring resource flexibility to match Delhi Jal Board needs.

What are the escalation matrix requirements for security service support?

Bidders must provide an escalation matrix with telephone numbers for service support; ensure availability within Delhi and include after-hours contact details to resolve critical vulnerabilities promptly.

Is EMD required for this vulnerability testing tender in Delhi?

EMD details are not specified in the available data; bidders should monitor the ATC for explicit EMD amount or exemption and prepare funds accordingly if mandated.