Invitation to Tender: IT Security Audit (MS365)
On behalf of the Audit & Risk Committee of the Girls’ Learning Trust, we are writing to offer you an opportunity to tender to undertake a security audit of our Microsoft 365 Tenancy as part of our internal audit function.
We welcome proposals encompassing diverse security M365 audit approaches, including Microsoft audit and risk tools, Microsoft Defender for Identity tools, and tailored third-party tools. During the assessment, we anticipate the examination of crucial areas, including but not restricted to the subsequent non-exhaustive list:
- External vulnerability assessment
- Gap Analysis (current configuration vs MS best practice recommendations)
- M365 Mail Flow recommended setup
- M365 Forensic Audit
- M365 Secure Score
- MFA
- Phishing simulation
- SASE/Remote Worker Security
- Backup/disaster recovery
Full details are included in the invitation for tender document attached below. The deadline for submissions is 3pm on 11 March 2024.