# 2026-0094 Cyber Governance Support - Lessons Learned Scorecard (NS) - MON 6 Jul > EMW, Inc. · Netherlands (Remote) · Contract · Posted 2026-06-23 **Workplace:** remote **Department:** AAS ## Description **Deadline Date:** Monday 06 July 2026 **Requirement:** Cyber Governance Support - Lessons Learned and Scorecard Oversight **Location:** Offsite in a NATO Country Note: Please refer to your Subcontract Agreement, article 6.4.1.a, which states "Off-Site Discount: 5% (this discount is applicable to all requirements, and applies when the assigned personnel are permitted to work Off-Site, such as at-home)". Please be sure to price this discount in your overall price proposal when submitting bids against off-site RFQs. **Period of Performance:** 2026 BASE: 03 August 2026 (tentative) to 31 December 2026 **Required Security Clearance:** NATO SECRET **Special Terms and Conditions:** Non-disclosure agreement must be signed **1\. OBJECTIVE** The objective of this engagement is to provide governance and coordination support for enterprise cybersecurity governance activities, specifically supporting the Cyber Lessons Learned (LL) and NATO Enterprise Cybersecurity Scorecard (Scorecard) processes. The contractor will assist CDT in coordinating stakeholders, supporting reporting activities and ensuring that cybersecurity governance processes are executed in a structured, consistent and traceable manner. The engagement focuses on supporting two main work packages: - Cyber Lessons Learned coordination and process support - Cybersecurity Scorecard oversight The contractor will provide coordination and documentation support but will not perform operational cybersecurity activities or entity-level assessments. **2\. SCOPE OF WORK** The contractor shall provide governance support services across two distinct Work Packages (WP). **2.1 Work Package I – Cyber Lessons Learned Support** The contractor shall support the implementation and operationalization of the Cyber Lessons Learned process among relevant cybersecurity stakeholders, ensuring that lessons related to cybersecurity activities are systematically identified, captured, structured, coordinated and tracked. In support of this objective, the contractor shall assist CDT in coordinating stakeholders involved in the relevant enterprise cybersecurity processes and facilitating the capture and documentation of lessons learned. Activities within the scope include: - Supporting the implementation and operationalization of the Cyber Lessons Learned process across relevant cybersecurity stakeholders - Engaging stakeholders involved in the relevant cybersecurity processes - Coordinating the capture and structuring of lessons learned information - Supporting documentation of changes made to procedures or documentation resulting from lessons learned - Supporting the organization and documentation of Lessons Learned coordination meetings and workshops - Supporting the maintenance of templates, repositories or portals used to capture lessons learned information - The contractor will act as a coordinator supporting stakeholders involved in the Lessons Learned process. **2.2 Work Package II – Cybersecurity Scorecard Oversight Support** The contractor shall provide coordination and oversight support related to the execution of the annual NATO Cybersecurity Scorecard Assessment (Scorecard) cycle, ensuring visibility of progress and alignment with Lessons Learned processes. Activities within the scope include: - Supporting coordination of the Assessment Team (including contractors) performing Scorecard activities - Reviewing contractor outputs and providing quality assurance observations to CDT - Maintaining oversight documentation such as tracking dashboards, issue logs and status summaries - Scorecard outputs may also be used as inputs to support the Cyber Lessons Learned process. **3\. DELIVERABLES** Deliverables are structured under two WPs corresponding to the two workstreams of the assignments. All deliverables will be assessed according to the criteria described in General Acceptance Criteria. Where relevant, additional deliverable-specific criteria are defined below. **3.1 Work Package I – Cyber Lessons Learned Coordination Support** The contractor shall provide the following deliverables supporting the Cyber Lessons Learned process. **3.1.1 Deliverable WP1-D1** **Deliverable Name:** Lessons Learned Coordination Plan **Description:** Documentation describing the approach for coordinating the Cyber Lessons Learned process among relevant cybersecurity stakeholders. **Contents:** Stakeholder engagement approach; Description of the Lessons Learned workflow; Coordination structure supporting the process **Format:** Process documentation report **Acceptance Criteria:** Stakeholder engagement approach documented and aligned with identified cybersecurity stakeholders; Lessons Learned workflow clearly defined from capture through closure; Roles, responsibilities and coordination structure documented; Process supports traceability of lessons through implementation; Document delivered by agreed milestone; Accepted by CDT Technical Lead without material rework **KPIs:** KPI 1.1 – Timely Delivery: Coordination Plan delivered by agreed due date: 100%. KPI 1.2 – Completeness: Mandatory sections completed: 100%. KPI 1.3 – Acceptance Quality: Accepted without material rework: ≥95% **Due Date:** 2026 Q3 **Payment Milestone:** 7% of total contract value. After deliverable completion and signed Delivery Acceptance Sheet (DAS). **3.1.2 Deliverable WP1-D2** **Deliverable Name:** Lessons Learned Capture Template **Description:** A standardized template used to capture Lessons Learned information in a structured and consistent format. **Contents:** Lesson description; Context and impact; Recommended improvement action; Tracking information **Acceptance Criteria:** Template contains all required fields (Lesson description, Context, Impact, Recommendations, Tracking fields); Template supports structured data collection; Template validated during pilot use; Accepted by CDT Technical Lead **KPIs:** KPI 2.1 – Template Completeness: Required data fields included: 100%. KPI 2.2 – Usability: Stakeholder validation acceptance rate: ≥95%. KPI 2.3 – Acceptance: Accepted without major rework: ≥95% **Due Date:** 2026 Q3 **Payment Milestone:** 5% of total contract value. After deliverable completion and signed Delivery Acceptance Sheet (DAS). **3.1.3 Deliverable WP1-D3** **Deliverable Name:** Lessons Learned Register **Description:** A structured register containing Lessons Learned entries collected during the contract period. **Contents:** Recorded lessons learned; Stakeholder inputs; Status of actions or documentation updates **Format:** Structured spreadsheet dataset or repository record **Acceptance Criteria:** Register contains all Lessons Learned captured during the reporting period; Each lesson includes ownership and status information; Register includes tracking of actions and documentation updates; No duplicate lesson records; Repository maintained and available to authorized stakeholders; Accepted by CDT Technical Lead **KPIs:** KPI 3.1 – Lesson Capture Rate: Identified lessons entered into register within 10 working days: ≥95%. KPI 3.2 – Register Completeness: Lessons containing all mandatory fields: ≥98%. KPI 3.3 – Action Tracking: Lessons with assigned action status: 100%. KPI 3.4 – Data Accuracy: Duplicate or erroneous records: ≤2% **Due Date:** 2026 Q3 **Payment Milestone:** 30% of total contract value. After deliverable completion and signed Delivery Acceptance Sheet (DAS). **3.1.4 Deliverable WP1-D4** **Deliverable Name:** Lessons Learned Workshop Summary Reports **Description:** Summary reports documenting outcomes of LL coordination meetings and workshops. **Contents:** Summary of discussions; Identified lessons; Proposed improvement actions **Format:** Workshop summary report **Acceptance Criteria:** Workshop discussions documented; Identified lessons clearly recorded; Proposed actions assigned where applicable; Report distributed within agreed timeframe following workshop; Accepted by CDT Technical Lead **KPIs:** KPI 4.1 – Reporting Timeliness: Workshop report issued within 5 working days: ≥95%. KPI 4.2 – Meeting Documentation Quality: Reports accepted without factual corrections: ≥95%. KPI 4.3 – Action Capture: Identified actions documented with owner: 100% **Quantity:** 4 reports **Due Date:** 2026 Q3–Q4 **Payment Milestone:** 20% of total contract value (5% each). After each deliverable completion and signed Delivery Acceptance Sheet (DAS). **3.1.5 Deliverable WP1-D5** **Deliverable Name:** Lessons Learned Consolidation Report **Description:** A consolidated report summarizing lessons captured during the contract period. **Contents:** Overview of captured lessons; Status of addressed lessons; Recommendations for improvement of cybersecurity processes **Format:** Report **Acceptance Criteria:** Consolidated overview of all captured lessons included; Status of implementation actions documented; Trends and recurring themes identified; Recommendations for cybersecurity process improvement included; Accepted by CDT Technical Lead **KPIs:** KPI 5.1 – Consolidation Coverage: Captured lessons reflected in report: 100%. KPI 5.2 – Recommendation Quality: Recommendations accepted by CDT without major rework: ≥95%. KPI 5.3 – Timeliness: Report delivered according to schedule: 100% **Due Date:** 2026 Q4 **Payment Milestone:** 23% of total contract value. After deliverable completion and signed Delivery Acceptance Sheet (DAS). **3.2 Work Package II – Scorecard Oversight Deliverables** The contractor shall provide the following deliverables supporting the Scorecard process. **3.2.1 Deliverable WP2-D1** **Deliverable Name:** Scorecard Oversight Tracking Dashboard **Description:** A coordination and tracking dashboard providing visibility on the progress of Scorecard activities, based on information made available by CDT and interactions with the Scorecard contractor. **Contents:** Status of assessment activities; Contractor deliverable tracking; Risk and issue register **Format:** Spreadsheet suitable for operational use **Acceptance Criteria:** Dashboard includes status tracking of all active assessment activities; Contractor deliverables tracked and current; Risk and issue register maintained; Dashboard updated according to agreed reporting cycle; Information consistent with CDT records; Accepted by CDT Technical Lead **KPIs:** KPI 6.1 – Dashboard Currency: Dashboard updated within reporting cycle: 100%. KPI 6.2 – Data Accuracy: Dashboard records matching source information: ≥98%. KPI 6.3 – Deliverable Tracking Coverage: Contractor deliverables tracked: 100%. KPI 6.4 – Risk Tracking: Active risks and issues recorded and maintained: 100% **Due Date:** 2026 Q3–Q4 **Payment Milestone:** 5% of total contract value. After deliverable completion and signed Delivery Acceptance Sheet (DAS). **3.2.2 Deliverable WP2-D2** **Deliverable Name:** Contractor Deliverable Review Report **Description:** Structured review report documenting observations and recommendations related to the deliverables produced by Scorecard assessment contractors. **Contents:** Identification of the reviewed contractor deliverable; Summary of observations; Identified issues or clarification requests; Recommendations to CDT **Format:** Review report **Acceptance Criteria:** Reviewed deliverable clearly identified; Observations documented and evidence-based; Issues and clarification requests clearly described; Recommendations provided to CDT; Report delivered within agreed review period; Accepted by CDT Technical Lead **KPIs:** KPI 7.1 – Review Timeliness: Reviews completed within agreed review period: ≥95%. KPI 7.2 – Review Quality: Reports accepted without material rework: ≥95%. KPI 7.3 – Observation Traceability: Findings supported by documented evidence: 100%. KPI 7.4 – Recommendation Effectiveness: Recommendations considered actionable by CDT: ≥90% **Due Date:** 2026 Q4 **Payment Milestone:** 10% of total contract value (2.5% each). After each deliverable completion and signed Delivery Acceptance Sheet (DAS). **4\. GENERAL ACCEPTANCE CRITERIA** Each deliverable will be reviewed and considered acceptable when it meets all of the following criteria: **Completeness:** The deliverable includes all agreed components, sections or outputs in the task definition and scope. **Quality:** The content is logically structured and does not include major errors or inconsistencies. **Relevance and Accuracy:** The deliverable aligns with objectives of the assignment and reflects accurate and up-to-date information. **Usability:** The deliverable provides practical value to the project and is ready to use. **Timeliness:** The deliverable is submitted within the agreed timeframe or approved extension period. **Timely Participation:** The contractor attends scheduled meetings, workshops and assessment activities on time and as agreed, contributing actively when required. **Responsiveness:** Revisions (if any) are delivered promptly and in alignment with the feedback received. **5\. PAYMENT SCHEDULE** Payment shall be dependent upon successful acceptance of the Deliverable Acceptance Sheets (Annex B), signed by the authorized point of contact and the Contractor. Invoices shall be accompanied by the Deliverable Acceptance Sheets signed by the project authority and the Contractor. **WP1-D1:** Lessons Learned Coordination Plan. Quantity: 1. Value: 7%. Due: 2026 Q3. Payment Milestone: Upon successful acceptance of deliverable, based on performance (measured through KPIs) and the Delivery Acceptance Sheet and weekly reports for the period. **WP1-D2:** Lessons Learned Capture Template. Quantity: 1. Value: 5%. Due: 2026 Q3. Payment Milestone: Upon successful acceptance of deliverable. **WP1-D3:** Lessons Learned Register. Quantity: 1. Value: 30%. Due: 2026 Q3. Payment Milestone: Upon successful acceptance of deliverable. **WP1-D4:** Lessons Learned Workshop Summary Reports. Quantity: 4. Value: 20% (5% each). Due: 2026 Q3–Q4. Payment Milestone: Upon successful acceptance of each deliverable. **WP1-D5:** Lessons Learned Consolidation Report. Quantity: 1. Value: 23%. Due: 2026 Q4. Payment Milestone: Upon successful acceptance of deliverable. **WP2-D1:** Scorecard Oversight Tracking Dashboard. Quantity: 1. Value: 5%. Due: 2026 Q3–Q4. Payment Milestone: Upon successful acceptance of deliverable. **WP2-D2:** Contractor Deliverable Review Report. Quantity: 1. Value: 10% (2.5% each). Due: 2026 Q4. Payment Milestone: Upon successful acceptance of each deliverable. The exact start date and due date for each deliverable will be jointly agreed upon by the Purchaser and the Contractor at the start of each period. Only documented and mutually acknowledged due dates will be recognized for performance assessment and payment release. If more than two consecutive deliverables fail to meet quality standards or delivery times, the Purchaser reserves the right to escalate performance concerns in accordance with the CO-115786-AAS+ General and Special Provisions. For any deliverable delay, the Purchaser reserves the right to withhold payment until satisfactory completion. Failure to meet delivery times beyond 10 days can result in payment reduction up to 20% for the affected deliverable. **6\. WORK EXECUTION** The work will be executed remotely; no travel is considered. The Contractor's personnel are expected to follow the Purchaser's working hours — Monday to Thursday from 08:30 until 17:30 and Friday from 08:30 until 15:30 — and observe the Purchaser's official holidays. The Purchaser's official holidays may differ from the public holidays in the Host Nation. **7\. REPORTING** At the end of each milestone, the Contractor shall report the completion and achievements to the Purchaser POC via email for each resource providing services under this SoW. At the end of each milestone, the Contractor shall deliver the Delivery Acceptance Sheet (Annex B) for Purchaser approval and signature for each resource providing services under this SoW. The deliverables shall be produced within the requested timeframes and be of satisfactory quality to avoid re-work and ensure the achievement of the objectives and specific tasks. Any risks or potential delays shall be flagged immediately. **8\. PERIOD OF PERFORMANCE** The service is expected to start on 03 August 2026 (tentative) and end no later than 31 December 2026. **9\. SECURITY AND NON-DISCLOSURE AGREEMENT** The resource providing services under this SoW must be in possession of a security clearance of NATO SECRET or above. The signature of a Non-Disclosure Agreement between the contractors contributing to this task and NCIA will be required prior to execution. **10\. QUALIFICATIONS** \[See Requirements\] ## Requirements **9\. SECURITY AND NON-DISCLOSURE AGREEMENT** - The resource providing services under this SoW must be in possession of a security clearance of NATO SECRET or above. The signature of a Non-Disclosure Agreement between the contractors contributing to this task and NCIA will be required prior to execution. **10\. QUALIFICATIONS** - Expertise in Cyber Security: Contractor personnel must have extensive experience in cyber security with a focus on analytical assessment, scorecard development and performance metrics. Personnel must demonstrate a strong understanding of cybersecurity processes such as Cyber Incident Management, Defensive Cyberspace Operations, Enterprise Risk Management and Cyber Threat Intelligence Analysis and Sharing. - Methodology Development Skills: Contractor personnel must have proficiency in developing, refining and updating methodologies for assessing cybersecurity maturity and performance. - Experience with Lessons Learned or Knowledge Management Processes: Contractor personnel should have experience supporting Lessons Learned, knowledge management or continuous improvement processes, including capturing lessons, structuring information and tracking improvement actions. - Communication Skills: Contractor personnel must demonstrate strong written and verbal communication skills for engaging with various stakeholders and facilitating Enterprise-wide assessments. - Autonomous Working Capability: The contracted individual must be capable of performing effectively and efficiently with minimal supervision. ## Apply [Apply at EMW, Inc.](https://apply.workable.com/emw/j/92FD6BDECC/apply) --- Powered by [Workable](https://www.workable.com)