The government authority in Alberta, Canada is seeking qualified vendors to provide professional cyber security assessment, evaluation, and testing services. These services are critical for safeguarding the agency's data and information systems, ensuring their security, integrity, and confidentiality.

Required services include external and internal network penetration testing, wireless network penetration testing, web application vulnerability assessments and penetration testing, AI system vulnerability assessments and testing, hardware and embedded security testing, PCI DSS testing (both quarterly and annual), and social engineering testing. Vendors will conduct engagement planning and preparation sessions with designated Cyber Security Advisors, review engagement scope and implementation plans, perform information gathering and analysis, and assess vulnerabilities.

Consultants are expected to incorporate agency-approved action plans and responses to vulnerabilities into the final reports for all security assessment and testing engagements. All materials collected during assessments—data, artifacts, evidence, credentials, system information, screenshots, logs—must be properly handled and documented. The contract period is three years, and all questions regarding the RFP must be submitted by March 26, 2026.