CFT-1748 - IT Security Operations and Testing, Business Continuity, Information Protection and Access Control Consultancy Services | Tenderlake

CFT-1748 - IT Security Operations and Testing, Business Continuity, Information Protection and Access Control Consultancy Services

Contract Value:
EUR 56M - 56M
Notice Type:
Contract Notice
Published Date:
05 December 2025
Closing Date:
07 January 2026
Location(s):
LU LUXEMBOURG
Description:
Framework Agreements will be awarded for information security services to support the Cybersecurity Division of the European Investment Bank Group, covering IT Security Operations, Business Continuity, Information Protection, and IT Security Testing.

The purpose of this Call for Tenders is to award Framework Agreements to up to 5 successful Tenderers (per each lot) for the provision of information security Services to support the Cybersecurity Division of the European Investment Bank Group. The services in scope include:
Lot 1 - Provision of IT Security Operations consultancy services;
Lot 2 - Provision of Business Continuity consultancy services;
Lot 3 - Provision of Information Protection and Identity and Access Management consultancy services; and
Lot 4 - Provision of IT Security Testing services.
For more details please refer to the procurement documents.


LOT-0001
Provision of IT Security Operations consultancy services.
The services in scope include:
• Security Engineering support, i.e. support regarding the incorporation and maintenance of security controls into the information system so that they become an integral part of the system’s operational capabilities;
• Security Monitoring support, i.e. assistance with regards to collecting and analysing indicators of potential security threats and triaging these threats with appropriate actions.


LOT-0002
Provision of Business Continuity consultancy services.
The services in scope include:
- Business Continuity support, i.e. support in planning, building, running and managing EIB’s enterprise-wide Business Continuity Management Operational Framework;
- ICT Disaster Recovery support, i.e. assistance in designing and implementing EIB’s enterprise-wide ICT resilience and Disaster Recovery Management programmes.


LOT-0003
Provision of Information Protection and Identity and Access Management consultancy services.
The services in scope include:
- Identity and Access Management support, i.e. assistance in the handling of end-users and technical teams’ requests related to access management, authentication management, recertification process, contribution to architectural design, optimization of operational processes, contribution to risk assessments;
- Information Protection Analyst support, i.e. assistance in conducting/defining feasibility studies, gap analysis, architectural design, governance and operational models in the different domains of the Information Protection such as information classification, data leakage prevention, information management, etc.


LOT-0004
Provision of IT Security Testing Services.
The services in scope include:
- IT Security Penetration Testing Services covering, but not limited to, EIB’s applications penetration testing, web and mobile applications, network penetration testing, social engineering including physical intrusion;
- Red and Purple Teaming support, i.e. assistance in designing and running structured and comprehensive scenario-based cyber incident testing on live systems using recognized frameworks (e.g., MITRE ATT@CK, CBEST...);
- IT Security Audit and Compliance support, i.e. assistance in testing the effectiveness of security controls and risk mitigations plans based on EIB’s Internal Control Framework (ICF).

The Buyer:
European Investment Bank
Additional information:
Link:
View Full Notice
Link:
Additional document: default-text
Link:
Download Full Notice as PDF
CPV Code(s):
72000000 - IT services: consulting, software development, Internet and support
72212732 - Data security software development services
72220000 - Systems and technical consultancy services
72225000 - System quality assurance assessment and review services
72253200 - Systems support services
72254100 - Systems testing services
72800000 - Computer audit and testing services
72820000 - Computer testing services