The University of Lahore

Admission Open in The University of Lahore

22 Feb 2026
Posted Date
01 Mar 2026
Last Date
Lahore
City

📢 REQUEST FOR INFORMATION (RFI)

ISO/IEC 27001:2022 Certification & SOC 2 Type II Independent Assurance Services

https://images.picxy.com/cache/2020/9/4/5e25866b254615987d8490970e4c525b.jpg
https://upload.wikimedia.org/wikipedia/en/2/20/University_of_Lahore_%28logo%29.png
https://www.lcwu.edu.pk/images/2020/news/itdatacentre2.jpg
4
 

The University of Lahore invites Requests for Information (RFI) from reputable and internationally recognized certification and assurance firms for the provision of professional certification and independent assurance services.

This RFI aims to identify qualified firms capable of delivering internationally accredited information security certification and assurance engagements for the University’s IT infrastructure.

🎯 Scope of Engagement

📌 Deliverable 1: ISO/IEC 27001:2022 Certification

Information Security Management System (ISMS)

The scope includes the University IT Department, with particular emphasis on:

  • Data Center Operations

  • Cloud Services Infrastructure

The engagement shall include:

  • Stage 1 Audit

  • Stage 2 Audit

  • Certification Issuance

  • Annual Surveillance Audits

  • Recertification Audit

Certification must comply with ISO/IEC 27001:2022 standards and be issued by an accredited certification body.

📌 Deliverable 2: SOC 2 Type II Independent Assurance Engagement

The selected firm will conduct:

  • An independent examination

  • Issuance of a SOC 2 Type II Report

The engagement must comply with AICPA Trust Services Criteria, evaluating:

  • Design of controls

  • Implementation of controls

  • Operating effectiveness of controls

  • Over a defined review period

✅ Eligibility Criteria

Interested firms must meet the following requirements:

  • Accreditation by an IAF-recognized accreditation body (e.g., UKAS, ANAB, PNAC, or equivalent) for ISO/IEC 27001 certification

  • Authorized and demonstrably capable of performing SOC 2 Type II engagements in accordance with AICPA standards

  • Proven experience in large IT environments, data centers, cloud services, and information security operations

  • Capability to conduct audits and assurance engagements within Pakistan

📅 Submission Details

Interested organizations are requested to submit:

  • Company profile

  • Accreditation details

  • Relevant project experience

🗓 Submission Deadline: 1 March 2026

📧 Submit to:

🔎 Purpose of RFI

This RFI is issued to gather information from qualified firms to support future procurement and engagement planning. Submission of information does not constitute a commitment to award a contract.

For further information, firms may contact the University IT Services Department via the email addresses provided above.


 

 
 
 
Admission Image


Is this page helpful?