• Kacyiru, Kigali - Rwanda, KG 563 St
  • +250 788 387 632 | +250 730 303 333
  • info@rswitch.co.rw

Tender for PCI DSS Version 4 Compliance Services for the years 2025 and 2026

Introduction

RSwitch Rwanda is a Payments Solution Company serving as the national e-payment switch of Rwanda and driver of the SmartCash® brand enabling electronic payment settlements, interoperability through eKash and financial solutions in Rwanda and the region.

Our mission is to expand the financial services ecosystem by delivering interoperable solutions using the best capabilities and the most reliable technology.

Rswitch invites eligible firms to submit proposals for the provision of PCI DSS Version 4 compliance services. The selected firm will assist RSwitch in achieving and maintaining PCI DSS compliance for two years, that is, 2025 and 2026.

Scope of Work

  1. Conduct an initial gap analysis against PCI DSS Version 4 requirements.
  2. Develop and implement a roadmap for achieving PCI DSS compliance.
  3. Provide advisory services on necessary technical and operational changes.
  4. Conduct regular assessments and audits to ensure ongoing compliance.
  5. Assist in incident response planning and conduct periodic testing.
  6. Provide training and awareness programs on PCI DSS requirements.

Eligibility Criteria

  1. The bidder should have proven experience in assisting organizations in achieving PCI DSS compliance.
  2. Demonstrated expertise in PCI DSS Version 4 requirements.
  3. Previous experience working with payment service providers or financial institutions is preferred.
  4. Ability to provide references from similar projects.

Proposal Submission

Interested bidders should submit their proposals, including:

  1. Company profile and relevant experience.
  2. Proposed approach and methodology that does not exceed 10 pages.
  3. Detailed work plan and timeline.
  4. Financial proposal with a breakdown of costs.
  5. At least 2 references from past clients.

Selection Criteria

Proposals will be evaluated based on:

  1. Technical expertise and experience in PCI DSS compliance.
  2. Proposed methodology and approach.
  3. Cost-effectiveness of the proposal.
  4. Ability to meet project timelines.

Terms and Conditions

The contract duration will be for 2 years, covering the years 2025 and 2026.

  1. RSwitch reserves the right to accept or reject any proposal and to annul the tendering process at any time.
  2. All proposals must be submitted in English and comply with the specified format and requirements.
  3. RSwitch may conduct interviews or request additional information from shortlisted bidders.

Proposal Deadline

Proposals must be submitted no later than 30th September 2024 via email to riskcompliance@rswitch.co.rw. Late submissions will not be considered.

Contact Information

For inquiries regarding this tender, please contact:  riskcompliance@rswitch.co.rw

Announcement of Award

The selected bidder will be notified within 45 days of the proposal submission deadline.