REQUEST FOR PROPOSAL (RFP) FOR IDENTITY ACCESS MANAGEMENT (IAM) AND 

PRIVILEGED ACCESS MANAGEMENT (PAM) SOLUTION

Introduction

The Central Bank of Somalia (CBS) is seeking proposals from qualified vendors to implement a 

comprehensive Identity Access Management (IAM) and Privileged Access Management (PAM) 

solution. The solution should enhance the security posture of CBS by centralizing access 

control, streamlining user management, and enforcing least privilege principles across both 

on-premises and cloud-based systems.

Requirements

The proposed IAM and PAM solution must meet the following requirements:

1. Core Functionality:

a) Multi-Factor Authentication (MFA): Mandatory support for various MFA methods 

(e.g., OTP) to enhance login security.

b) Activity Logging and Auditing: Detailed recording of all user activities, including login 

attempts, access grants, and privilege escalations, for security monitoring and 

compliance.

c) Centralized Access Control: A unified platform for managing user identities, roles, and 

access permissions across all CBS systems.

d) Role-Based Access Control (RBAC): Implementation of RBAC to enforce least privilege 

and ensure users only have access to the resources necessary for their roles.

e) High Availability: The solution must be highly available with minimal downtime, 

ensuring continuous operation of critical systems.

f) On-Premises Deployment: Primary deployment on-premises within the CBS data 

center.

g) Cloud Integration: Seamless integration with cloud-based systems and applications.

h) Disaster Recovery (DR) Site: Support for a secondary DR site to ensure business 

continuity in case of primary site failure.

2. System Compatibility:

a) Core Banking System: Full compatibility with Temenos T24 core banking system.

ERP System: Integration with Oracle EBS Suite.

c) Other Systems: Flexibility to integrate with various in-house developed systems and 

applications.

3. Privileged Access Management (PAM):

a) Privileged Account Management: Secure management of privileged accounts with 

features like password vaulting, session recording, and just-in-time access.

b) Elevated Access Control: Strict control over privileged access to critical systems and 

data.

4. User Base:

The proposed solution should cater to approximately 250 users requiring IAM and 20 

users requiring PAM

5. Vendor Qualifications:

a) Proven track record of successful IAM and PAM implementations in the financial 

sector.

b) Strong technical expertise and experience with the specified technologies.

c) Ability to provide comprehensive support and maintenance services.

6. Proposal Submission:

Interested vendors should submit their proposals, including:

a) Company profile with detailed physical verifiable address.

b) Commercial registration certificates from country of operations.

c) Tax registration and compliance proof (TCC).

d) Proven track Record of similar assignments (Contracts or recommendations)

e) Detailed solution description and architecture.

f) Proof of concept (POC) plan.

g) Implementation plan and timeline.

h) Pricing and licensing model.

Evaluation Criteria:

Proposals will be evaluated based on the following criteria:

a) Compliance with requirements

b) Technical capabilities

c) Security features

d) Implementation plan

e) Cost-effectiveness

f) Vendor experience and support

Interested, eligible, and qualified vendors are invited to apply for the bid. Your return 

proposal must be received not later than Tuesday 7

th January 2025, 5:00pm East African Time

("the Closing Date") and sent through email [email protected]

Failure to meet the Closing Date may result in the tender being void. Returned bids must 

remain open for consideration for a period of not less than 30 days from the Closing Date.