Short description
The purchasing system shall cover the requirements for assistance and consultancy related to information security. This includes, but is not limited to, the following sub-areas:
— IT and information security, including consultancy, control system/internal control, personal information protection, follow-up legal requirements etc.
— risk assessments and management,
— security specific testing, including penetration tests, vulnerability scanning etc.