Bid Document


EXPRESSION OF INTEREST

(EOI)

Title of Consulting Service: The Operation and Management of National Cyber Security Center

Method of Consulting Service: National

Project Name : The Operation and Management of National Cyber Security Center
EOI : MoCIT/G/NCB/EOI/2080-081/03
Office Name: Ministry of Communication and Information Technology
Office Address: Singhdurbar Kathmandu

Funding agency : Government Budget


Abbreviations

CV - Curriculum Vitae
DO - Development Partner
EA - Executive Agency
EOI - Expression of Interest
GON - Government of Nepal
JV - Joint Venture
NCSC - National Cyber Security Center
PAN - Permanent Account Number
PPA - Public Procurement Act
PPR - Public Procurement Regulation
TOR - Terms of Reference
VAT - Value Added Tax
MOCIT - Ministry of Communication and Information Technology
VAPT - Vulnerability Assessment and Penetration Testing
ICT - Information and Communication Technology
NITC - National Information and Technology Center
CIA - Confidentiality, Integrity and Availability
Table of Contents

Section I. A. Request for Expression of Interest
Section II. B. Instructions for submission of Expression of Interest
Section III. C. Objective of Consultancy Services or Brief TOR
Section IV. D. Evaluation of Consultant's EOI Application
Section V. E. EOI Forms and Formats
A. Request for Expression of Interest
Government of Nepal (GoN)
Name of Employer: Ministry of Communication and Information Technology

Date: 14-12-2023 00:00

Name of Project: The Operation and Management of National Cyber Security Center

1. Government of Nepal (GoN) has allocated funds toward the cost of The Operation and Management of National Cyber Security
Center and intends to apply a portion of these funds to eligible payments under the Contract for which this Expression of Interest is
invited for national consulting service.
2. The Ministry of Communication and Information Technology now invites Expressions of Interest (EOI) from eligible consulting
firms (“consultant”) to provide the following consulting services: The Operation and Management of National Cyber Security
Center.
3. Interested eligible consultants may obtain further information and the EOI document free of cost at the address Ministry of
Communication and Information Technology, https://www.bolpatra.gov.np/ during office hours on or before 29-12-2023 12:00
or visit e-GP system www.bolpatra.gov.np/egp or visit the client’s website mocit.gov.np
4. Consultants may associate with other consultants to enhance their qualifications.

5. Expressions of interest shall be delivered online through e-GP system www.bolpatra.gov.np/egp on or before 29-12-2023 12:00

6. In case the last date of obtaining and submission of the EOI documents happens to be a holiday, the next working day will be
deemed as the due date but the time will be the same as stipulated.
7. EOI will be assessed based on Qualification 50.0 %, Experience 40.0 %, and Capacity 10.0 % of consulting firm and key
personnel. Based on evaluation of EOI, only shortlisted firms will be invited to submit technical and financial proposal through
a request for proposal.
8. Minimum score to pass the EOI is 60
B. Instructions for Submission of Expression of Interest
1. Expression of Interest may be submitted by a sole firm or a joint venture of consulting firms and the maximum number of
partners in JV shall be limited to three.
2. Interested consultants must provide information indicating that they are qualified to perform the services (description,
organization and employees of the firm or company, description of assignments of similar nature completed in the last 7
years and their location, experience in similar conditions, general qualifications and the key personnel to be involved in the
proposed assignment).
3. This expression of interest is open to all eligible consulting firm/person/company/organization/JV (partners in JV shall be
limited to 3).
4. In case the applicant is an individual consultant, details of similar assignment experience and their location in the previous 4 years,
audited balance sheet and bio data shall be considered for evaluation.
5. The assignment has been scheduled for a period lasting until the end of the fiscal year. The expected date of commencement of the
assignment is 27-02-2024.
6. A Consultant will be selected in accordance with the QCBS method.

7. Expression of Interest should contain following information:

(i) A covering letter addressed to the representative of the client on the official letter head of company duly signed by
authorized signatory.
(ii) Applicants shall provide the following information in the respective formats given in the EOI document:

• EOI Form: Letter of Application (Form 1)


• EOI Form: Applicant’s Information (Form 2)

• EOI Form: Work Experience Details (Form 3(A), 3(B) & 3(C))

• EOI Form: Capacity Details (Form 4)

• EOI Form: Key Experts List (Form 5)

8. Applicants may submit additional information with their application but shortlisting will be based on the evaluation of
information requested and included in the formats provided in the EOI document.
9. The Expression of Interest (EOI) document must be duly completed and submitted electronically only, using the forms and
instructions provided by the system.
10. The completed EOI document must be submitted on or before the date and address mentioned in the “Request for Expression of
Interest”. In case the submission falls on public holiday the submission can be made on the next working day. Any EOI
Document received after the closing time for submission of proposals shall not be considered for evaluation.
C. Objective of Consultancy Services or Brief TOR
Terms of Reference for The Management and Operation of National Cyber Security Monitoring Center (NCSMC)

Background

The Information Technology Emergency Response Team (ITERT) directive of 2075
has two main objectives, i.e., security monitoring and emergency response. Based
on that directive, the Government of Nepal established the National Cyber Security
Monitoring Centre (NCSMC) and formed the National Information Technology
Emergency Response Team (NITERT) back in 2076.
The NCSMC is responsible for monitoring and analyzing the security posture by
detecting, analyzing, and responding to cyber security incidents using a combination
of technology solutions and a strong set of processes. The NCSMC is located on the premises
of the Ministry of Communication and Information Technology (MoCIT).
NITERT comprises twelve cross-sectoral representatives from the Ministry of
Finance, Ministry of Home Affairs, Ministry of Education, Science and Technology,
Nepal Police, Nepal Rastra Bank and so on. NITERT is the entity responsible for
monitoring and ensuring efficient operation of the National Cyber Security Monitoring
Centre.
For the productive operation of NCSMC, a dedicated team needs to work in close
coordination with MoCIT and NITERT. The dedicated team will mainly be
responsible for security incident detection through continuous monitoring and
analysis of data activity. Furthermore, this team will work to find critical events to
ensure timely detection and response. Currently neither NCSMC nor MoCIT has
sufficient skilled human resources to staff this dedicated team. To meet this
requirement, MoCIT has been procuring a consulting team for the last couple of fiscal
years. The consulting team needs to support technical assessments related to
NCSMC, from human resource development to developing processes for effective
management and operation of NCSMC as well. The team is required to work in close
coordination with NITERT.
Objectives
The main objectives of this consultancy are as follows:
• to ensure potential security incidents are correctly identified, investigated,
analyzed, defended, and reported promptly,
• to fully operate and update technical tools and device configurations in the
National Cyber Security Monitoring Centre, and
• to help ensure business continuity of critical and other important IT
infrastructures related to the National Cyber Security Monitoring
Centre.
1. Service Responsibilities
The following are the main tasks to be performed by the consultant:
• 24X7 monitoring by at least two people on NCSMC Premises.
• To investigate and analyze Incidents and Phishing reported from the NITERT
website.
• To fully manage and operate existing monitoring systems deployed in NCSMC.
• To find different vulnerabilities, threats, risks identified in Security Information
and Events Management (SIEM) and facilitate the remedy of those.
• To prepare and provide advisories on Cyber Security based on recent best
international practices to MoCIT and NITERT regularly.
• To prepare technical reports, and documentation related to security incident
resolution and report to NITERT.
• To properly manage the official website of the NITERT.
• To prepare/update relevant contents and articles based on international practices on
the NITERT website.
• To provide technical assistance to NITERT for incident handling and resolution of
other Agencies of Government of Nepal as required.
• To provide training and transfer knowledge to other security team working in
NCSMC, National ITERT and other staff as required.
• To perform all the tasks related to cyber security as instructed by NITERT.
• To prepare and update cyber security related policies, guidelines, procedures etc.
as instructed by MoCIT and NITERT.
• To provide training on contemporary issues related to cyber security as instructed
by NITERT.
2. Evaluation Criteria:
a. Consulting Firm:
• The consulting firm must have experience of providing Managed
Security Service and also have at least three years of working experience
in the field of Cyber Security.
• The consulting firm must have experience of having conducted IT
security assessment or VAPT in any five government organizations or
banks or other private organizations.
• The consulting firm having experience in SIEM/SOAR will have an
advantage.

b. Team Composition:

S.N. 1
Domain Expert: Information Security Expert
Qualification:
• Bachelor’s Degree in ICT related field with experience in Cyber Security projects
• Certification/Training in CISA (Computer Information Security Auditor), ITIL or CISSP (Certification of Information System Security Professional) or relevant certification will be added advantage.
Work Experience/skills:
• At least 5 years of experience in cyber security field.
• Experience as a team leader / project manager / executive officer will be an added advantage.
• Experience in Cyber Security field related projects is highly preferred.
• Exposure to international practices in Information and Communication Technologies is highly preferred.
Estimated man-month (no. of personnel × total no. of months): 1 × 5

S.N. 2
Domain Expert: Security Operation Center Analyst
Qualification:
• Bachelor's Degree in ICT related field
• International Certifications/Training related to Cyber Security like CEH or relevant certification is highly preferable.
Work Experience/skills:
• At least 3 years of relevant work experience. Certifications related to SOC Analysis is highly preferred.
• Exposure to international practices in Cyber Security is highly preferred.
Estimated man-month (no. of personnel × total no. of months): 6 × 5

3. Deliverables
• Daily Report submission.
• The inception report of the tasks (within one month from contract date)
• Submit instant report of any unusual event seen in NCSMC and other
cyber incidents occurred in Nepal Cyber Space to Cyber Security
Section of MoCIT.
• Submit monthly report regarding all tasks and remedy techniques
applied.
• These deliverables should be submitted as per the following deadlines:

| S.N. | Deliverable | Deadline |
|------|-------------|----------|
| 1 | Daily Report submission | Daily |
| 2 | Inception Report | Within one month of contract. |
| 3 | Incident handling report | Within 24 hours of any detected Cyber Security incident. |
| 4 | Monthly summary report | At the end of each month during the contract period |
| 5 | Final detailed report of the assignment | Before the end of the contract. |
*SOC: Security Operation Center

4. Payment Schedule
The payment shall be made on a monthly basis after the submission of the monthly
progress report along with the tax invoice by the consultant for approval and after
the submission of all relevant deliverables for that particular month.

5. Duration of Assignment
This assignment will be a Time-Based Assignment. The duration of this
assignment will last till the end of fiscal year 2080/81. The agreement can be
extended if the ministry needs the service in future.

6. Location
The consultant should work at MoCIT. The monitoring should be done 24X7
including public holidays. For this, at least two SOC analysts should be
physically present at all times. The Information Security Expert should be present in the office
on working days. S/he must provide online services on other days too.

7. Disclosure
Unless explicitly stated, all materials, tangible or otherwise, including but not
limited to: incident reports, events, technological details regarding the SOC,
etc. are considered strictly confidential and the vendor will be prohibited from
disclosing the aforementioned contents. A detailed NDA can be signed before
beginning the contract.

D. Evaluation of Consultant’s EOI Application
Consultant’s EOI application which meets the eligibility criteria will be ranked on the basis of the Ranking Criteria.

i) Eligibility & Completeness Test


| Sl. No. | Criteria Title | Compliance |
|---------|----------------|------------|
| 1 | Corporate Registration | |
| 2 | Tax Clearance of fiscal year 2079-080 / Tax Clearance of fiscal year 2078-079 and Tax Return Submission of fiscal year 2079-080 | |
| 3 | VAT/PAN Registration | |
| 4 | EOI Form 1: Letter of Application | |
| 5 | EOI Form 2: Applicant’s Information Form | |
| 6 | EOI Form 3: Experience (3(A) and 3(B)) | |
| 7 | EOI Form 4: Capacity | |
| 8 | EOI Form 5: Qualification of Key Experts | |
| 9 | In case of a natural person or firm/institution/company which is already declared blacklisted and ineligible by the GoN, any other new or existing firm/institution/company owned partially or fully by such Natural person or Owner or Board of director of blacklisted firm/institution/company; shall not be eligible consultant. | |
| 10 | If the corruption case is being filed to Court against the Natural Person or Board of Director of the firm/institution/company or any partner of JV, such Natural Person or Board of Director of the firm/institution/company or any partner of JV shall not be eligible to participate in procurement process till the concerned Court has not issued the decision of clearance against the Corruption Charges. | |

ii) EOI Evaluation Criteria


A. Qualification

| Sl. No. | Criteria | Minimum Requirement |
|---------|----------|---------------------|
| 1 | Qualification of Information Security Expert (a) | Minimum Bachelor degree in Computer Science/Engineering or ICT related field. Higher degree in related field will get additional value |
| 2 | Qualification of Information Security Expert (b) | Training/Certification on CISA/ITIL/CISSP/CEH or relevant certification |
| 3 | Experience of Information Security Expert (a) | At least five years of experience in cyber security field. Higher years of experience will get more number |
| 4 | Experience of Information Security Expert (b) | At least two years of experience as a team leader/project manager/executive officer |
| 5 | Qualification of SOC Analyst (a) | Minimum Bachelor degree in Computer Science/Engineering or ICT related field. Higher degree in related field will get additional value |
| 6 | Qualification of SOC Analyst (b) | Training/Certification on CISA/ITIL/CISSP/CEH or relevant certification in Cyber security/SOC analysis |
| 7 | Experience of SOC Analyst (a) | At least three years of experience in cyber security field. Higher years of experience will get more number |
| 8 | Experience of SOC Analyst (b) | At least one year (or project) of experience in working with SIEM/SOAR |

Score: 50.0

B. Experience
| Sl. No. | Criteria | Minimum Requirement |
|---------|----------|---------------------|
| 1 | General Experience of consulting firm | Minimum three years of experience in the field of Cyber Security. More years of experience will get additional number |
| 2 | Specific experience of consulting firm within last 7 years. In case of person, specific experience of the person within last 4 years. (a) | Experience of providing at least one Managed Security Services to Government Organization / Banks / Financial Sector / INGO, NGO / private sector |
| 3 | Specific experience of consulting firm within last 7 years. In case of person, specific experience of the person within last 4 years. (b) | Experience of conducting 5 IT Security assessment or VAPT for Government organizations or banks or private sectors |
| 4 | Specific experience of consulting firm within last 7 years. In case of person, specific experience of the person within last 4 years. (c) | Experience of working on SIEM/SOAR |

Score: 40.0

C. Capacity

| Sl. No. | Criteria | Minimum Requirement |
|---------|----------|---------------------|
| 1 | Financial Capacity. | Firm must have average annual turnover of NRS 35 Lakhs (The average annual turnover shall be calculated for best of 3 fiscal years of last seven fiscal years) |
| 2 | Infrastructure/equipment related to the proposed assignment. | Firm must have at least One (1) Software License for Monitoring environment (e.g. SIEM, VAPT etc.) |

Score: 10.0

Minimum score to pass the EOI is: 60


Note: If a corruption case has been filed in Court against the Natural Person or Board of Director of the firm/institution/company or any partner of JV,
such consultant’s proposal shall be excluded during the evaluation.
E. EOI Forms & Formats

Form 1. Letter of Application

Form 2. Applicant’s information

Form 3. Experience (General, Specific and Geographical)

Form 4. Capacity

Form 5. Qualification of Key Experts


Standard EOI Document

1. Letter of Application

(Letterhead paper of the Applicant or partner responsible for a joint venture, including full
postal address, telephone no., fax and email address)

Date: ..........................

To,
Full Name of Client: __________________________
Full Address of Client: ________________________
Telephone No.: ______________________________
Fax No.: ____________________________________
Email Address: _______________________________

Sir/Madam,

1. Being duly authorized to represent and act on behalf of (hereinafter "the Applicant"), and
having reviewed and fully understood all the short-listing information provided, the
undersigned hereby applies to be short-listed by [Insert name of Client] as Consultant for
{Insert brief description of Work/Services}.

2. Attached to this letter are photocopies of original documents defining:

a) the Applicant's legal status;


b) the principal place of business;

3. [Insert name of Client] and its authorized representatives are hereby authorized to verify
the statements, documents, and information submitted in connection with this application.
This Letter of Application will also serve as authorization to any individual or
authorized representative of any institution referred to in the supporting information, to
provide such information deemed necessary and requested by yourselves to verify
statements and information provided in this application, or with regard to the resources,
experience, and competence of the Applicant.

4. [Insert name of Client] and its authorized representatives are authorized to contact
any of the signatories to this letter for any further information.[1]

5. All further communication concerning this Application should be addressed to the following
person,

[Person]

[Company]

[Address]

[Phone, Fax, Email]

6. We declare that we have no conflict of interest in the proposed procurement proceedings
and we have not been punished for an offense relating to the concerned profession or
business and our Company/firm has not been declared ineligible.

[1] Applications by joint ventures should provide, on a separate sheet, relevant information for each party to the
Application.

7. We further confirm that, if any of our experts is engaged to prepare the TOR for any ensuing
assignment resulting from our work product under this assignment, our firm, JV member or
sub-consultant, and the expert(s) will be disqualified from short-listing and participation in
the assignment.

8. The undersigned declares that the statements made and the information provided in the duly
completed application are complete, true and correct in every detail.

Signed :

Name :

For and on behalf of (name of Applicant or partner of a joint venture):



2. Applicant’s Information Form


(In case of joint venture of two or more firms to be filled separately for each constituent
member)

1. Name of Firm/Company:

2. Type of Constitution (Partnership/ Pvt. Ltd/Public Ltd/ Public Sector/ NGO)

3. Date of Registration / Commencement of Business (Please specify):

4. Country of Registration:

5. Registered Office/Place of Business:

6. Telephone No; Fax No; E-Mail Address

7. Name of Authorized Contact Person / Designation/ Address/Telephone:

8. Name of Authorized Local Agent /Address/Telephone:

9. Consultant’s Organization:

10. Total number of staff:

11. Number of regular professional staff:

(Provide Company Profile with description of the background and organization of the
Consultant and, if applicable, for each joint venture partner for this assignment.)

3. Experience

3(A). General Work Experience


(Details of assignments undertaken. Each consultant or member of a JV must fill
in this form.)

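| S.N. | Name of assignment | Location | Value of Contract | Year Completed | Client | Description of work carried out |
|------|--------------------|----------|-------------------|----------------|--------|---------------------------------|
| 1. | | | | | | |
| 2. | | | | | | |
| 3. | | | | | | |
| 4. | | | | | | |
| 5. | | | | | | |
| 6. | | | | | | |
| 7. | | | | | | |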

3(B). Specific Experience

Details of similar assignments undertaken in the previous seven years


(In case of joint venture of two or more firms to be filled separately for each
constituent member)

Assignment name:
Approx. value of the contract (in current NRs; US$ or Euro)[2]:
Country:
Duration of assignment (months):
Location within country:
Name of Client:
Total No. of person-months of the assignment:
Address:
Approx. value of the services provided by your firm under the contract (in current NRs; US$ or Euro):
Start date (month/year):
Completion date (month/year):
No. of professional person-months provided by the joint venture partners or the Sub-Consultants:
Name of joint venture partner or sub-Consultants, if any:
Narrative description of Project:
Description of actual services provided in the assignment:

Note: Provide highlight on similar services provided by the consultant as required by the EOI assignment.

Firm’s Name:

[2] Consultant should state value in the currency as mentioned in the contract

3(C). Geographic Experience

Experience of working in similar geographic region or country


(In case of joint venture of two or more firms to be filled separately for each
constituent member)

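| No | Name of the Project | Location (Country/Region) | Execution Year and Duration |
|----|---------------------|---------------------------|-----------------------------|
| 1. | | | |
| 2. | | | |
| 3. | | | |
| 4. | | | |
| 5. | | | |
| 6. | | | |
| 7. | | | |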

4. Capacity
4(A). Financial Capacity
(In case of joint venture of two or more firms to be filled separately for each constituent
member)

Annual Turnover

Year Amount Currency

- Average Annual Turnover

(Note: Supporting documents for Average Turnover should be submitted for the above.)

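4(B). Infrastructure/equipment related to the proposed assignment[3]

| No | Infrastructure/equipment Required | Requirements Description |
|----|-----------------------------------|--------------------------|
| 1. | | |
| 2. | | |
| 3. | | |
| 4. | | |
| 5. | | |

[3] Delete this table if infrastructure/equipment for the proposed assignment is not required.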

5. Key Experts (Include details of Key Experts only)

(In case of joint venture of two or more firms to be filled separately for each
constituent member)
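| SN | Name | Position | Highest Qualification | Work Experience (in year) | Specific Work Experience (in year) | Nationality |
|----|------|----------|-----------------------|---------------------------|------------------------------------|-------------|
| 1 | | | | | | |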

(Please insert more rows as necessary)

