USAID/ENGAGE

FINISHED: Consultant Request for Digital Security Audit and Consulting

A. Introduction

Pact is an international development nonprofit that works on the ground in nearly 40 countries to end poverty and marginalization. We partner with local organizations, businesses, and governments to build lasting solutions for thriving, resilient communities. Our vision is a world where everyone owns their future. Pact has worked in Ukraine since 2006 in the areas of governance, capacity development, and health. Building on a decade of experience, we address key challenges facing civil society organizations in Ukraine.

This Consultant request (CR) is a part of the Activity to Enhance Non-Governmental Actors and Grassroots Engagement (ENGAGE). The purpose of ENGAGE is to increase citizen awareness of and engagement in civic activities at the national, subnational, and local level.

The issue of digital security has long been a matter of importance within the civil society sector in Ukraine. However, this concern has taken on even greater significance with the start of a full-scale Russian invasion. Recent findings from the Digital Security Lab reveal a dramatic increase in cyber-attacks targeting civil society organizations, with a notable shift in the nature of these attacks compared to pre-February 2022 incidents. Specifically, there has been a rise in attempts to compromise digital security in online platforms and social media channels. Digital security assessment of CSOs conducted by ENGAGE shows that ENGAGE’s partners also have suffered from attempts at breaches of cyber- and digital security both before and after the beginning of Russia’s full-scale war against Ukraine.

The goal of this CR is to hire a Ukrainian consultant to conduct digital security audits and provide digital security consultancy for 30 institutional partner CSOs.

B. Scope of Work

ENGAGE’s institutional partner CSOs play a vital role in promoting democracy, human rights, social justice, and Eurointegration in Ukraine. Safeguarding their digital security is essential for maintaining their independence, strengthening the resilience, and effectively driving reforms in Ukraine. ENGAGE’s assessment indicates CSOs’ need and intention to improve current digital security practices and solutions through conducting security audits.

Responding to the identified need, Pact/ENGAGE aims to enhance the organizational capacity of partner CSOs through increasing the level of their digital security. ENGAGE plans to provide 30 institutional partner CSOs with professional services, including digital security audits and subsequent consultancy, to address their weaknesses identified during the conducted audits and support the CSOs in strengthening their digital security practices.

Expected Results:

Purpose: to enhance the organizational capacity of ENGAGE institutional partner CSOs in digital security by assessing their internal capabilities, identifying areas for improvement, and providing actionable advice on strengthening security practices.

Objectives:

Duties and Responsibilities:

To achieve the abovementioned objectives, the tender is divided into two lots. Prospective consultants can submit a proposal for one of the selected lots, or for both lots at the same time.

 

LOT 1. Conduct digital security audit for 30 core partner CSOs.

Task 1: To develop an outline of approach to digital security audit for 30 ENGAGE institutional partner CSOs.

Task 2: To prepare a digital security checklist taking into account the types of digital citizen engagement tools that the CSOs are using.

Task 3: To conduct digital security audits for 30 institutional partner CSOs.

Task 4: To develop context-specific action plans for emergency cases of perceived breaches of digital security and day-to-day maintenance of digital security. These action plans should adhere to internal organizational regulation and relevant external regulation.

Task 5: To prepare general final report on the digital security for CSOs and individual reports for each CSO (In English and Ukrainian). The individual reports for each CSO should provide detailed findings and recommendations specific to each CSO, along with context-specific action plans and establish baselines for the next security audits. The general final report should include the general results, key takeaways, recommendations for the further development of digital security of CSOs.

The digital security audits should be designed and conducted from the point of view of the CSOs’ context-specific situations, target audiences, locations, and digital citizen engagement tools which influence the current security practices and they ways they can be expected to develop in the future. The selected consultant(s) can expect to work in close partnerships with the CSOs and Pact/ENGAGE.

LOT 2. Provide 30 institutional partner CSOs with professional consultancy services on digital security development.

Task 1: To prepare a comprehensive digital security consultation framework for 30 institutional partners CSOs which includes methodology, and timeline for the consultancy services. Consultant is expected to conduct at least three individual sessions per CSO partner. The final framework should be based on the individuals CSOs’ action plans received after digital security audit.

Task 2: To provide digital security consultancy services to 30 core partner CSOs. The digital security consultancy services should help CSOs to implement their individual action plans and cover the following aspects but not to be limited to:

The contractor should maintain accurate and up-to-date documentation of the consultancy process and track the partner’s digital security advancements.

Task 3: To prepare comprehensive report on digital security consultation which includes an overview of the consultancy services delivered and achieved results for each CSO, lessons learned, common challenges identified, as well as further recommendations for enhancing digital security among partner CSOs.

Deliverables:

Under LOT 1:

Under LOT 2:

Place of Performance: All services required under this solicitation will be performed in Ukraine.

Period of Performance: All services required under this solicitation will be delivered from November 15, 2023 – April 30, 2024.

Expected Level of Effort: Estimated Level of Effort is 128 consulting days (under Lot 1) and 55 consulting days (under Lot 2).  In frame of the timeline, all deadlines and due dates could be negotiated if strong arguments are laid in the proposal.

C. Qualifications

 

D. Eligibility

All proposals which fail to comply with the basic minimum requirements outlined in the solicitation shall be eliminated. See Sections C and E.

E. Application Instructions

Proposals must be submitted electronically to kbondar@pactworld.org no later than 17:00 on November 10, 2023 (Kyiv time). The subject line should contain: “Proposal under Consultant Request P4767-2023-19.”

Documentation required for application:

Questions: All questions or clarifications regarding this Consultant Request must be in writing and submitted to kbondar@pactworld.org no later than 17:00 on November 6, 2023 (Kyiv time). The subject line should contain: “Questions to Consultant Request P4767-2023-19” Questions and requests for clarification, and the responses thereto, will be circulated to all Consultant Request recipients who indicate an interest in this Consultant.

F. Evaluation Criteria

Pact will evaluate applicants using the following criteria (100 points in total):

G. Terms and Conditions

Disclaimers: