Financial markets regulator, the Australian Securities and Investments Commission (ASIC), has started looking for an external firm to conduct counter-surveillance activities across its information and communications technology systems.
The contract forms part of ASIC's protective security strategy, which requires the regulator to conduct unannounced "technical surveillance countermeasure activities" in all of its sites across Australia, with the purpose of identifying weaknesses that could lead to security or compliance breaches. Special attention will be paid to ASIC's major offices in Sydney, Melbourne, Adelaide, Perth and Traralgon in Victoria, according to tender documents released by ASIC.
Specific tasks the contractor will provide to ASIC include electronic scans of ASIC sites, physical inspections of systems containing sensitive information, surveys of ASIC's electronic surveillance systems, and staff interviews about their adherence to the regulator's compliance obligations.
ASIC hopes the contracted company will be able to provide it with advice on how emerging technologies may impact ASIC's security and business continuity arrangements.
The contractor's staff that conduct counter surveillance at ASIC will be required to gain "Highly Protected" security clearance by ASIC.
Tenders for the work are expected to be lodged by 24 October 2008.