About Sawt
The Strengthening Civil Society and Media Systems (Sawt) Activity is implemented by Internews in partnership with Mercy Corps and the International Center for Non-Profit Law (ICNL). Sawt aims to foster sustained civic engagement in Jordan through civil society and digital media innovations through two objectives: 1) Good, Trusted Knowledge-Building Resources: Citizens and civil society build knowledge through accessing and engaging critically with accurate and fact-based information and 2) Participation & Advocacy: Citizens and civil society organizations (CSOs) in Jordan effectively participate in civic spaces and advocate for policies through knowledge-based collective action.
About Internews
Internews is an international nonprofit operating in 100 countries. At Internews, we believe everyone deserves trustworthy news and information to make informed decisions about their lives and hold power to account. We train journalists and digital rights activists, tackle disinformation, and offer business expertise to help media outlets become financially sustainable. For more information about the organization please visit: www.internews.org.
Summary
Enhancing the digital safety and security capacities of Sawt partners is a key priority. The digital safety and security training and clinics provider (henceforth referred to as provider) will contribute to realizing this priority by enhancing the digital safety and security capabilities of two specific groups: 1- CSOs benefiting from Sawt’s civil society capacity building programs, and 2- Digital media platforms benefiting from Sawt’s media support programs. The provider will deliver the capacity building through two main formats: 1- Group trainings to increase knowledge and awareness; 2- Clinics offered to each organization to further examine needs and coach partners on practices to address vulnerabilities and mitigate threats.
Objectives
Improving the resilience of partner CSOs and digital media platforms by enhancing their ability to operate in a challenging environment, through increased digital safety and security knowledge and awareness and adopted practices to address vulnerabilities and mitigate threats.
Duration and Management:
The duration of this program is 4 months, subject to extension if needed, expected to start in July 2024. Sawt, in collaboration with Internews Global Tech (GTH), will be overseeing the delivery of this project, according to Internews digital safety and security approaches, resources, protocols and guidelines.
Scope of Work
Preparation:
According to guidance provided by Sawt and Internews GTH:
- Conduct a comprehensive knowledge assessment for partner organizations to inform the design and delivery of trainings and clinics.
- In addition to available Internews resources, identify, translate, and localize available digital safety and security resources that can be beneficial to the design of the trainings.
- Based on the results of the knowledge assessments, develop tailored digital safety and security training plan and training materials.
- Deliver in-person trainings on digital safety and security for partner organizations, ensuring effective transfer of knowledge and skills to participants according to their needs and level of knowledge and capabilities.
Clinics:
According to guidance provided by Sawt and Internews GTH:
- Prepare for and conduct a digital safety and security audit for each partner organization to identify priorities and needed measures to be taken to improve digital safety and security capacities, and provide a development plan for each partner organization.
- Deliver clinics, both in-person/onsite and remotely/online, to support partner organizations implement received trainings and enhance relevant organizational practices and resilience against digital security threats. This could include, identifying potential risks and incident response, troubleshooting support, resolving cyber-attacks, etc..
Hereunder are illustrative examples on training topics and clinics support; however, the selection and level of training on these topics will depend on the results of the knowledge assessment:
| Introduction to Digital Safety and Security: Understanding the importance of digitals safety and security. Overview of common digital threats and risks. |
| Risk Assessment and Threat Modeling: Conducting risk assessments to identify potential threats. Developing threat models to prioritize security measures. |
| Secure Communication: Encryption techniques for secure communication. Best practices for using secure messaging apps and email encryption. |
| Data Protection and Privacy: Understanding data protection laws and regulations. Implementing privacy-enhancing measures for data handling and storage. |
| Secure Online Practices: Safe browsing habits and techniques to avoid phishing attacks. Protecting personal and organizational accounts with strong passwords and multi-factor authentication. |
| Securing Websites and Online Platforms: Website security best practices, including regular updates and secure coding practices. Securing content management systems (CMS) like WordPress and Drupal against common vulnerabilities. |
| Social Media Security: Privacy settings and controls for social media platforms. Identifying and avoiding social engineering attacks on social media. |
| Digital Identity Protection: Protecting digital identities from identity theft and impersonation. Safeguarding personal and organizational online profiles and reputations. |
| Incident Response and Recovery: Developing incident response plans for cyber-attacks and security breaches. Procedures for data breach notification and recovery. |
| Secure Collaboration Tools: Selecting and using secure collaboration tools for remote work. Best practices for secure file sharing and document collaboration. |
| Physical Security Awareness: Awareness of physical security threats to digital devices and data. Measures to protect against theft and unauthorized access to devices and premises. |
| Emerging Threats and Trends: Staying updated on emerging digital security threats and trends. Strategies for proactive threat intelligence gathering and analysis. |
Reporting:
- Conduct regular planning and coordination meetings with Sawt and Internews GTH to ensure effective delivery according to Internews guidance, practices, and resources.
- Provide comprehensive reports for each training session, including topics covered, participants’ feedback, and recommendations for follow-up and improvement.
- Contribute to the development of a consolidated final report, analyzing overall outcomes and impact of the digital safety and security trainings and clinics as well as support needed by partner organizations.
Trainees:
The program aims to engage and support a total of 45 Civil Society Organizations (CSOs) and 10 digital media platforms, distributed across Jordan’s northern, central, and southern regions, with the majority located in Amman.
Deliverables
| Milestone | Description | Deliverables | Number of Days or Dates |
| 1 | Knowledge and needs assessment to identify partners’ level | Knowledge level and needs assessment report.Training and clinics delivery plan. | 7 days July 1 – July 10, 2024 |
| 2 | Training materials | Training materials, such as agendas, manuals, presentations, multimedia content, tools, and trainers’ bios, according to applicable branding guidelines. | 3 days July 11 – July 20, 2024 |
| 3 | Training delivery | Four digital safety and security training sessions targeting 45 CSOs organized according to their level of knowledge and regional location (in northern, central, and southern regions) (4 days).Two digital safety and security training sessions targeting 10 digital media platforms organized according to their level of knowledge in Amman (2 days). | Up to 6 days July 23 – August 15, 2024 |
| 4 | Training report providing a detailed overview and analysis of a training sessions | CSOs training report.Media platforms training report. | 2 days (CSOs report) August 18, 2024 (Media report) August 21, 2024 |
| 5 | Conduct digital security clinics both in-person and online for partner organizations and reporting | Planning and conducting audits for each partner organization.Based on the conducted audits, provide a development plan for each organization with priority items for each organization to focus on.Conduct up to two-days clinic for each organization to address identified priorities.Report on clinics for 45 CSO.Report on clinics for 10 digital media platforms. | Up to 110 clinic days (Includes preparation and audits, delivery, and reporting) (Clinics audits and delivery) August 18 – October 18, 2024 (Clinics Reporting) October 19, 2024 |
Eligibility Criteria
- The organization must be legally registered and has permission to operate in Jordan.
- The organization must have a documented record of employed staff with university degrees in information technology, computer science, or a relevant field of study or relevant certification.
- The organization must have a proven recent experience of designing and implementing impactful digital safety and security support, including trainings, organizational assessments, and clinics in Jordan or MENA region, showcased through recent case studies, project reports, or client testimonials.
- The organization must have a proven experience of delivering trainings and clinics in Arabic and produce reports on them in English, showcased through samples of recent training materials, project reports, or client testimonials.
Evaluation Criteria
| Description | Points |
| 1. Understanding the Project and Relevant Experience: Clearly explains how the service provider will meet the objectives outlined in the SOW.Understanding of the Jordanian ICT context and operating environment, as well as current regional and global digital security needs, trends and threats, in addition to a strong organizational capacity to conduct written and spoken communications in Arabic and English. Experience in collaborating with diverse stakeholders, including journalists, media outlets, and civil society organizations. | 30 points |
| 2. Methodology and Approach; Clarity and comprehensiveness of proposed training design. Demonstrated proficiency in providing up-to-date digital safety and security training materials and resources. | 20 points |
| 3. Team Expertise and Qualifications: Team composition reflects relevant expertise in digital safety and security and facilitating interactive training sessions.Minimum of 3 years of relevant experience, across the organization’s team members, in information security, secure communication, privacy, and data protection, and training.Demonstrated understanding of information security and internet building blocks, including DNS, SSL, IP, etc., showcased through technical documentation, whitepapers, or staff training certifications. | 30 points |
| 4. Financial Proposal: The financial proposal is competitive and demonstrates good value for the proposed services.The financial proposal clearly outlines the breakdown of costs and justifies the proposed expenses | 20 points |
| Total | 100 points |
Proposal Content
Service providers interested in participating in this solicitation must provide the following:
- Registration Certificate: Provide proof of legal registration in Jordan.
- Technical Proposal detailing the approach and methodology:
- Explain the proposed approach and methodology for conducting digital safety and security trainings.
- Describe how the service provider will design and implement impactful digital safety and security support, including trainings, organizational assessments, clinics showcased through recent case studies, project reports, or client testimonials.
- Provide the composition, names, and bios of the team members with relevant expertise in information security, secure communication, privacy, and data protection, and training.
- Financial Proposal: Include a comprehensive financial proposal outlining the detailed budget for the proposed project.
- Provide a previous sample showcasing the following:
- Previous experience in designing and implementing impactful digital safety and security support, including trainings, organizational assessments, clinics showcased through recent case studies, project reports, or client testimonials.
- Examples of training materials, resources, tools, and programs, related to digital safety and security.
Application Instructions
Interested service providers are invited to submit their technical and financial proposals, addressed to: [email protected] by June 30, 2024, 17:00 Amman time making sure to write “Digital Safety and Security Provider, USAID Sawt Activity “ in the subject of your e-mail.
Inquiries
For any inquiries or clarifications regarding the assignment, reach out to [email protected] by 17:00 on June 25th, 2024.