1. Pre-qualification Requirements: Additional vendor qualification criteria for complex assessments

2. Site Visit Requirements: Include when physical security assessment is needed

3. Compliance Requirements: Specific regulatory compliance requirements if dealing with regulated industries

4. Insurance Requirements: Detailed insurance coverage requirements for high-risk assessments

5. Sub-contractor Guidelines: Rules for engaging sub-contractors, if permitted

6. Past Performance References: Detailed reference requirements for complex projects

7. Knowledge Transfer Requirements: When specific knowledge transfer to internal teams is needed

1. Schedule A - Technical Specification: Detailed technical requirements and assessment scope

2. Schedule B - Pricing Template: Standardized format for price quotation

3. Schedule C - Response Templates: Standard forms for technical and commercial responses

4. Schedule D - Service Level Agreement: Performance metrics and service levels

5. Schedule E - Non-Disclosure Agreement: Confidentiality terms and conditions

6. Appendix 1 - System Architecture: Technical documentation of systems to be assessed

7. Appendix 2 - Compliance Checklist: Required standards and compliance requirements

8. Appendix 3 - Previous Assessment Reports: Relevant historical security assessment information