Request for Proposals: Security Assessment and Risk Mitigation Development of Protocols and Training Assets

We Seek:

Mighty Earth is seeking an agency or independent consultant to assess, make recommendations for risk mitigation, and create training for our organization, staff, and local partners.

About Mighty Earth:

Mighty Earth is a global advocacy organization working to defend a living planet. We are obsessed with impact: Our goal is to protect half of Earth for Nature and secure a climate that allows life to flourish. Through our proven “perfect storm” model of driving change, we have played a leading role in persuading the world’s largest food and agriculture companies to act against deforestation, land-grabbing, and human rights abuse. We’ve driven the adoption of multi-billion-dollar shifts to clean energy.

Mighty Earth runs policy and markets-based campaigns around the globe, targeting governments and companies. Our organization has achieved transformative change by persuading leading industries to dramatically reduce deforestation and climate pollution throughout their global supply chains in palm oil, rubber, cocoa, and animal feed while improving livelihoods for Indigenous and local communities.

Context:

Our staff and partners operate in countries designated by the US State Department with threat levels of two or higher. We seek a consultant to help provide security assessments and risk mitigation for:

• Cyber security

• In-country security while traveling

• Partner security

Cyber Security or E-Security

The security of our information stored online and on employee devices permanently based in the EU, UK, US or elsewhere is essential. We want an assessment of current platforms and practices related to them and training on best practices. We want to evaluate our existing systems and platforms (email, file sharing, video conferencing, communications tolls) to determine if we use best practices and if our tools are secure, current, and used correctly and consistently, including during travel. We want recommendations for changes and staff training.

Security for Partners

We work with small and large NGOs, local community members on the ground, and contractors. We want to develop a consistent organizational approach to working with these partners to identify and mitigate the possible risks related to our partnership. In particular, we’d like to provide training and support to our team members so they can assess risk and provide a mitigation framework for our work with contractors, partners, and sub-grantees. We want a document outlining fundamental principles for ensuring team member and partner safety, guidance in addressing security with partners (including their own travel, personal, organizational, and cyber security), and a framework for developing context-appropriate protocols to use with partners. We would also like our team members trained in these principles and how to deploy these protocols. Specifically, we are interested in; 1) how to work with partners to identify context-specific risks (which might involve a checklist); and 2) security protocols based on that risk assessment, covering things such as travel, legal risk, organizational operations, e-security, gender-specific risks.

These protocols should be tailored to assess risk for our sub-grantee organizations, partners, and contractors. They should be general enough in scope to use them across all of our geographies, including Southeast Asia, South America (Columbia, Brazil, etc.), and West Africa – including Cote d’Ivoire, Ghana, and Cameroon, and yet identity location-specific risks that may be present.

Proposal Requirements:

All proposals should include:

• Detailed plans for the three specific areas of work: cyber security, in-country security while traveling, and partner security.

• Experience working in this area and relevant expertise.

• Examples of your work, including groups you have worked with

• Timeline and needs.

Please contact Cindy Schwartz ([email protected]) to submit a proposal and questions. Please also notify her if you are planning to submit a proposal. Proposals must be submitted by July 31; we anticipate finalizing our decision in August. Mighty Earth will evaluate proposals based on the following factors: budgetary feasibility, vendor’s experience and success in similar ventures, and vendor’s knowledge.

Offers will be rejected if any illegal or corrupt practices took place in connection with the award. All contracts executed under the project must state that Mighty Earth may terminate the agreement if it finds illegal or corrupt practices connected to the contract execution.

Thanks so much for your interest, and we look forward to hearing from you.