Bid Publish Date
23-Jan-2026, 5:04 pm
Bid End Date
02-Feb-2026, 6:00 pm
Value
₹3,00,000
Location
Progress
Quantity
1
Bid Type
Two Packet Bid
Tribal Affairs Secretariat of the Ministry of Tribal Affairs invites bids for vulnerability and penetration testing of a web application with an OWASP Top 10 application security audit scope. The procurement is located in CENTRAL DELHI, DELHI with an estimated value of ₹300,000. A key differentiator is the mandatory ISO 9001:2015, ISO 27001:2017 and ISO 10667-1:2020 certifications to be submitted with the bid. The contract contemplates a potential quantity/duration adjustment up to 25% at bid or issue stage. The bidder must establish an office in the consignee's state (Delhi) and provide documentary evidence. There are no BOQ items published. This tender focuses on formal security testing of the government-facing application, requiring rigorous compliance and audit reporting.
Product/Service: Vulnerability and Penetration Testing of a Web Application with OWASP Top 10 audit
Est. contract value: ₹300,000
Standards: ISO 9001:2015, ISO 27001:2017, ISO 10667-1:2020; OWASP Top 10 framework
Delivery location: Central Delhi; Delhi-based service provider office required
Certification requirement: ISO certificates to be submitted with bid
Variation clause allows up to 25% change in quantity or duration
Office of service provider must be located in the consignee's state (Delhi)
Bid must include ISO 9001:2015, ISO 27001:2017 and ISO 10667-1:2020 certificates
Not specified in data; verify in bid documents/ATC
Not explicitly defined; variation up to 25% allowed pre/post contract issuance
Not detailed in available terms; refer to standard procurement penalties in ATC
Delhi-based service provider with valid ISO 9001:2015, ISO 27001:2017, ISO 10667-1:2020
Demonstrated experience in government-grade web security testing
Compliance with ATC, Corrigendum, and certificate submission requirements
Main Document
SCOPE_OF_WORK
GEM_GENERAL_TERMS_AND_CONDITIONS
Directorate General Of Quality Assurance ( Dgqa)
HYDERABAD, TELANGANA
Directorate General Of Quality Assurance ( Dgqa)
MUMBAI, MAHARASHTRA
Centre For Development Of Advanced Computing (c-dac)
PUNE, MAHARASHTRA
Spices Board
ERNAKULAM, KERALA
Ujvn Limited
DEHRADUN, UTTARAKHAND
Tender Results
Loading results...
Discover companies most likely to bid on this tender
GST registration certificate
PAN card
ISO 9001:2015 certificate
ISO 27001:2017 certificate
ISO 10667-1:2020 certificate
Proof of Delhi-based office presence (address proof, lease, or utility bill)
Experience certificates for prior web security assessments
Technical bid documents and OEM authorizations (if applicable)
Any other certificates requested in ATC/Corrigendum
Key insights about DELHI tender market
Bidders must meet several eligibility criteria for this security testing tender in Delhi. Required certifications include ISO 9001:2015, ISO 27001:2017, and ISO 10667-1:2020. Submit Delhi office proof, GST, PAN, and prior OWASP Top 10 testing experience. The contract may allow up to 25% quantity/duration variation prior to issuance.
Prepare GST certificate, PAN card, the three ISO certificates (ISO 9001:2015, ISO 27001:2017, ISO 10667-1:2020), proof of Delhi office, and evidence of prior web security assessments. Include bid documents, OEM authorizations if applicable, and any ATC/corrigendum certificates.
The tender requires an OWASP Top 10 based web application security audit. Bidders must demonstrate ability to identify and report threats per OWASP Top 10 categories, provide remediation guidance, and deliver a final security assessment report compliant with government audit standards.
The available data does not specify a fixed delivery window. The contract allows a maximum 25% adjustment to quantity or duration. Confirm exact timelines during bid clarification and align project milestones to the government’s acceptance criteria.
Payment terms are not detailed in the current data. Bidders should review the ATC for payment milestones, typically linked to deliverables such as penetration testing deliverables, vulnerability remediation reports, and sign-off by the authorizing authority.
EMD details are not specified here. Prospective bidders should check the official bid document and ATC for the exact EMD amount or percentage, and the acceptable payment method (DD/online) and submission deadline.
Failure to upload the specified ISO certificates (ISO 9001:2015, ISO 27001:2017, ISO 10667-1:2020) can lead to rejection of the bid. Ensure certificates are current, aligned to scope, and accompanied by all required documentary evidence.
Eligibility requires a Delhi-based office and verifiable security testing background aligned with OWASP Top 10. Submit proof of office address, relevant certifications, and prior government/sector experience. Ensure all certificates match tender scope and are supported by experience certificates.
Tata Memorial Centre
📍 MUMBAI, MAHARASHTRA
Office Of The Registrar General And Census Commissioner Census Of India
📍 EAST DELHI, DELHI
Controller General Of Defence Accounts
Centre For Development Of Advanced Computing (c-dac)
📍 HYDERABAD, TELANGANA
Directorate General Of Quality Assurance ( Dgqa)
📍 KANCHIPURAM, TAMIL NADU
Sign up now to access all documents
Main Document
SCOPE_OF_WORK
GEM_GENERAL_TERMS_AND_CONDITIONS