Directorate General Of Quality Assurance Cyber Security Audit Bengaluru Karnataka 2026 Tender CERT-IN DDP Framework

Tender Overview

Directorate General Of Quality Assurance (DGQA), under the Department Of Defence Production, invites bids for cyber security audit services in Bengaluru, Karnataka. Scope includes infrastructure audit, SLA monitoring, security/compliance audit, and operations management process control. Estimated value is ₹61,000; no explicit EMD amount published. Availability of a formal SOW/ATC file suggests compliance with a structured framework. The contract references the DDP Cyber Security Framework 2018 and CERT-IN Comprehensive Cyber Security Audit Policy Guidelines (v1.0, July 2025). Tender documents require standard registration and certifications and point to third-party CSA involvement.

Technical Specifications & Requirements

• No itemized BOQ exists; audit-focused service with cyber security governance, risk, and compliance controls.
• Mandatory certifications and registrations include GST Registration, PAN, MSE Udyam Certificate, and NICSI/CERT_IN empanelment.
• Bidder must provide a 3-year experience certificate, and a Malicious Code Certificate attesting no embedded malicious software; breach implications noted.
• Required performance attestations include Performance certification from 3 Govt./PSU entities.
• ATC requires uploading attestations (Encl 1, Annex A-D) and adherence to CERT-IN policy guidelines for cyber security audits.
• Service and support expectations include a dedicated toll-free number and escalation matrix from the bidder/OEM.

Terms, Conditions & Eligibility

• Bidder must not be under liquidation or bankruptcy and must upload an undertaking confirming financial standing.
• Mandatory submission of all listed documents: GST, PAN, 3-year experience certificate, Malicious Code Certificate, MSE Udyam, NICSI/CERT_IN empanelment, and performance certificates from three govt/PSU bodies.
• Flexible contract quantity/duration: up to 25% adjustment at contract issuance and post-issuance.
• Compliance with the DDP cyber security framework and CERT-IN guidelines is a prerequisite for eligibility.
• Additional ATC/SOW requirements and service support details are provided in attachable bid files.