The Water Sector Governance Project (WSG) addresses the pressing challenges faced by Jordan's water sector, including resource scarcity, increasing demand, and aging infrastructure. These challenges hinder the ability of water-sector institutions to optimize resource allocation and maintain consistent service delivery. To tackle these issues, the WSG promotes the principles of good governance, fostering trust in the management of water resources while developing innovative and sustainable strategies for long-term resource management. The project supports Jordan's water-sector institutions in enhancing inter-agency collaboration, informed decision-making, and efficient resource allocation. By integrating principles of good governance, the initiative contributes to building a resilient and sustainable water sector, securing the well-being of current and future generations.

The tender focuses on enhancing IT security and governance within the Jordanian Water Sector (JWS) by implementing an Information Security Management System (ISMS) based on ISO/IEC 27001:2022.
Work package 1: Develop an ISMS action plan to achieve "ISMS certification readiness" based on ISO/IEC 27001 ISMS (Annexes 3,4 and 5).
As a preparation phase, the contractor will conduct a gap analysis to analyse the status of IT security in the JWS six institutes according to ISO/IEC 27001:2022 requirements and develop a detailed gap analysis report, based upon which an action plan which will be as inputs to the next activities.
The contractor will work closely with the six Jordanian Water Sector entities to identify the requirements and scope of an IT governance framework based on ISO/IEC 27001:2022 ISMS for the six institutes, which also. encompasses the water sector cyber security strategy and action plan. The action plan to be developed includes organizational structure, policies, planning activities, responsibilities, practices, procedures, processes, and resources collectively managed by the JWS six institutes, in the pursuit of protecting their information assets and complying with their legal, regulatory, and contractual obligations.
ISMS is a systematic approach for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving information security within the Jordanian Water Sector.
The contractor will consider the review and analysis of the current status of the PARtner project and align the Action Plan (see below, WP 2) with their project deliverables on the Work Package on Developing Comprehensive Governmental Digital Services Standard (DSS) for Jordan. Work package 2: Implement the action plan according to the ISO 27001 Information Security requirements, incl. training and operation of the ISMS
After the action plans have been agreed upon with each of the organisations separately, these will be implemented with each organisation respectively in order to make sure they achieve the state of readiness to operate an effective ISMS.
The contractor will work closely with six institution teams with the goal of to implementing the approved action plan delivered by task 1 and achieve readiness to operate an effective ISMS.
Work package 3: Conduct Internal audits and monitor ISMS operation
Plan and conduct 6 institution Internal Audit programs as part of ISMS.

GIZ may optionally commission contract amendments and/or increases based on the criteria in the tender documents to the successful bidder of this tender. For details, please see the terms of reference.

According to Article 160, Section 3 of the German Act Against Restraint of Competition (GWB), application for review is not permissible insofar as
1. the applicant has identified the claimed infringement of the procurement rules before submitting the application for review and has not submitted a complaint to the contracting authority within a period of 10 calendar days; the expiry of the period pursuant to Article 134, Section 2 remains unaffected,
2. complaints of infringements of procurement rules that are evident in the tender notice are not submitted to the contracting authority at the latest by the expiry of the deadline for the application or by the deadline for the submission of bids, specified in the tender notice.
3. complaints of infringements of procurement rules that first become evident in the tender documents are not submitted to the contracting authority at the latest by the expiry of the deadline for application or by the deadline for the submission of bids,
4. more than 15 calendar days have expired since receipt of notification from the contracting authority that it is unwilling to redress the complaint.
Sentence 1 does not apply in the case of an application to determine the invalidity of the contract in accordance with Article 135, Section 1 (2). Article 134, Section 1, Sentence 2 remains unaffected.

All communication takes place in English via communication tool in the project area of the procurement portal.

GIZ asks the applicant or bidder to submit, complete or correct documents, within the framework laid down by law.

The execution conditions result from the information given in the contract notice and the tender documents.