ABOUT INKOMOKO
Inkomoko supports entrepreneurs to grow their businesses in order to improve livelihoods, create jobs, and help communities thrive.
In 2025, Inkomoko was listed by the Financial Times as the 8th fastest-growing company in Africa, supporting entrepreneurs across East and Central Africa to grow thriving businesses and build inclusive, resilient economies.
Founded in 2012, Inkomoko is a non-profit that has worked with more than 100,000 entrepreneurs, including thousands of refugee businesses. Inkomoko provides a combination of training, consulting, access to finance, and market-level systems change to drive impact for our clients. We are the largest investor to refugee entrepreneurs in Africa.
Inkomoko has 800+ staff in 50 offices across Chad, Ethiopia, Kenya, Rwanda, and South Sudan. Through Inkomoko’s 2030 strategic plan, we are adding 3 additional countries to positively impact 7M people, by serving more than 550,000 entrepreneurs and growing our $30M loan fund.
INKOMOKO VALUES
All staff at Inkomoko are connected to a shared set of organizational values:
- Purpose: be solutions-oriented, produce high-quality work, and be a global leader.
- Achievement: push yourself to reach beyond what you previously thought possible.
- Improvement: be humble, engage in continuous growth through open & accurate feedback
- Bravery: willing to take risks, create a safe space for others, be compassionate, and inclusive.
- We Eat Goat: we celebrate success and support each other in hard times. We do this work together in the spirit of turikumwe, tuko pamoja, abren nen, Kula na sawa, On est ensemble.
Background
Inkomoko currently lacks a centralized system to manage and monitor privileged access for developers, system administrators, database administrators, and other users with elevated permissions. This exposes the organization to risks such as credential misuse, privilege escalation, limited audit capabilities, and non-compliance with security best practices.
To strengthen its cybersecurity posture, the IT & Security Department seeks to implement a Privileged Access Management (PAM) solution that will secure, control, monitor, and audit all privileged accounts and activities across the organization's infrastructure.
Objective of the Assignment
The objective of this assignment is to supply, implement, configure, and commission a Privileged Access Management (PAM) solution that will enable Inkomoko to:
- Centralize the vaulting and management of all privileged credentials.
- Implement Just-in-Time (JIT) privileged access for developers and administrators.
- Enable session recording and real-time monitoring of privileged activities.
- Automate privileged password rotation.
- Implement Role-Based Access Control (RBAC) with approval workflows.
- Maintain comprehensive, audit-ready privileged access logs.
Scope of Work
The successful vendor will be expected to undertake, at a minimum, the following activities:
- Supply, install, and configure the PAM solution for both on-premises and cloud environments.
- Integrate the solution with existing identity management systems.
- Onboard privileged accounts across Windows servers, Linux servers, databases, network devices, and cloud platforms.
- Configure password management policies, automated password rotation, and Just-in-Time access.
- Configure session recording for SSH, RDP, HTTPS, and database connections.
- Define and implement Role-Based Access Control (RBAC) for developers, system administrators, auditors, and managers.
- Integrate the PAM solution with the organization's Security Information and Event Management (SIEM) platform (e.g., Splunk or ELK).
- Conduct administrator and end-user training on the use and administration of the solution.
Deliverables
The successful vendor shall provide the following deliverables:
- A fully deployed and production-ready Privileged Access Management environment.
- Technical architecture documentation and integration guides.
- Configured credential vault structure and security policy documentation.
- Session recording and auditing configuration report.
- Administrator and end-user training, including presentation materials and recorded training sessions.
- System health check report and comprehensive handover documentation.
Duration
The assignment is expected to commence in August 2026 and be completed by the end of September 2026, with an overall implementation period of eight (8) weeks. This period includes installation, configuration, integration, testing, training, and final handover.
Reporting and Supervision
The successful vendor will report directly to the IT Security Manager.
Progress will be monitored through weekly implementation meetings supported by bi-weekly written status reports. Final acceptance testing and project sign-off will be conducted by the Director of IT.
Requirements
Vendor Qualifications and Experience
Interested vendors should demonstrate the following minimum qualifications:
- Certified implementation partnership with the Original Equipment Manufacturer (OEM) of the proposed PAM solution.
- Proven experience delivering at least three successful PAM implementations for organizations of similar size and complexity.
- Experience integrating PAM solutions with Microsoft Azure Active Directory, AWS Identity and Access Management (IAM), and on-premises Active Directory.
- Strong technical expertise in Windows and Linux privilege management, session monitoring, and privileged account governance.
Proposal Submission Requirements and Date
Interested vendors should submit a proposal comprising:
- Company registration documents.
- Company profile and relevant experience.
- Detailed implementation methodology and work plan.
- Financial proposal, including licensing and implementation costs.
Proposals should be submitted electronically to [email protected] no later than 24th July 2026 at 5:00 p.m. EAT.
The email subject should be: Proposal – Privileged Access Management (PAM) Solution – Vendor Name.
Any requests for clarification during the procurement process should also be submitted to [email protected].
Evaluation Criteria
Proposals will be evaluated using the following weighted criteria:
- Technical approach and alignment with PAM best practices - 30%
- Relevant implementation experience and client references - 30%
- Cost competitiveness, including licensing and implementation - 20%
- Training, knowledge transfer, and post-implementation support - 20%
Contact Information
For clarification regarding this assignment or proposal submission, please contact:
Procurement Team
Email: [email protected]


