Tender for Data Protection and Cyber Security Advisors

Tender for Data Protection and Cyber Security Advisors

NIE Networks wishes to enter into a Framework Agreement with a suitably qualified and experienced organisation to provide advice based on the latest GB and EU data protection legislation.

United Kingdom-Belfast: Data services

2018/S 150-345714

Contract notice – utilities

Services

Legal Basis:

Directive 2014/25/EU

Section I: Contracting entity

I.1)Name and addresses

Northern Ireland Electricity Networks
120 Malone Road
Belfast
BT9 5HT
United Kingdom
Contact person: Anna McWhirter
Telephone: +44 2890689194
E-mail: anna.mcwhirter@nienetworks.co.uk
Fax: +44 1234567
NUTS code: UKN
Internet address(es):Main address: www.nienetworks.co.uk
I.2)Information about joint procurement

I.3)Communication

The procurement documents are available for unrestricted and full direct access, free of charge, at: https://e-sourcingni.bravosolution.co.uk
Additional information can be obtained from the abovementioned address
Tenders or requests to participate must be submitted electronically via: https://e-sourcingni.bravosolution.co.uk
Tenders or requests to participate must be submitted to the abovementioned address

I.6)Main activity

Electricity

Section II: Object

II.1)Scope of the procurement

II.1.1)Title:

Data Protection and Cyber Security Advisors

Reference number: CA241

II.1.2)Main CPV code

72300000

II.1.3)Type of contract

Services

II.1.4)Short description:

Lot 1 — Data Protection

NIE Networks wishes to enter into a Framework Agreement with a suitably qualified and experienced organisation to provide advice based on the latest GB and EU data protection legislation. NIE Networks has an established Data Protection Forum to focus on exchange, analysis and communication of information on matters relating to the protection of personal information and compliance with Data Protection.

Lot 2 — Cyber Security Advisors

NIE Networks outsources the delivery of IT, telephony and other telecommunication services. These are provided through managed service contracts with third parties. This includes the operational aspects of Cyber Security. NIE Networks seeks to appoint a suitably qualified and experienced organisation for the provision of Cyber Security advisors to provide expert advice and support services to the NIE Networks IT Security Officer. This service is to operate independently of the managed service contract and provide impartial advice.

II.1.5)Estimated total value

Value excluding VAT: 950 000.00 GBP

II.1.6)Information about lots

This contract is divided into lots: yes
Tenders may be submitted for all lots
Maximum number of lots that may be awarded to one tenderer: 2
The contracting authority reserves the right to award contracts combining the following lots or groups of lots:

1 and 2

II.2)Description

II.2.1)Title:

Data Protection Advisors

Lot No: 1

II.2.2)Additional CPV code(s)

32412110
72300000
72400000
72600000
72810000
72820000

II.2.3)Place of performance

NUTS code: UKN
Main site or place of performance:

Northern Ireland

II.2.4)Description of the procurement:

NIE Networks wishes to enter into a Framework Agreement with a suitably qualified and experienced organisation to provide advice based on the latest GB and EU legislation.

NIE Networks has an established Data Protection Forum to focus on the exchange, analysis and communication of information on all matters relating to the protection of personal information and compliance with Data Protection.

The following are the key Data Protection objectives for NIE Networks:

— Define and promote Data Protection Policy, Standards and Procedures throughout NIE Networks,

— Establish Data Ownership for records systems identified on the Personal Information Register, and provide support and assessment for Data Owners,

— Establish a Risk Analysis Process for DPA/GDPR Compliance, and liaise with management, Data Owners, IT and other relevant groups or departments on this,

— Liaise with the NIE Networks IT Security Forum on technical issues, including the reporting and investigation of incidents and/or breaches, and in maintaining a Data Protection Act (DPA/GDPR) Risk Register,

— Facilitate communication between the Audit Committee, Executive Directors, the Risk Management Committee, the Company Secretary, internal auditors and other parties engaged in risk management activities.

II.2.5)Award criteria

Price is not the only award criterion and all criteria are stated only in the procurement documents

II.2.6)Estimated value

Value excluding VAT: 300 000.00 GBP

II.2.7)Duration of the contract, framework agreement or dynamic purchasing system

Duration in months: 96
This contract is subject to renewal: yes
Description of renewals:

At the end of the term, the framework arrangement may be subject to retender.

II.2.9)Information about the limits on the number of candidates to be invited

II.2.10)Information about variants

Variants will be accepted: no

II.2.11)Information about options

Options: yes
Description of options:

Each Framework Agreement will be for a period of five (5) years with an option, exercisable entirely at the discretion of the Contracting Entity and subject to the terms of the Framework Agreement, to extend by a further optional period of up to three (3) years, with a total potential duration of eight (8) years.

The Schedule of Rates applicable under any extended period will be subject to agreement between the Contracting Entity and the Economic Operator.

II.2.12)Information about electronic catalogues

Tenders must be presented in the form of electronic catalogues or include an electronic catalogue

II.2.13)Information about European Union funds

The procurement is related to a project and/or programme financed by European Union funds: no
II.2.14)Additional information
II.2)Description

II.2.1)Title:

Cyber Security Advisors

Lot No: 2

II.2.2)Additional CPV code(s)

32412110
72000000
72300000
72400000
72420000
72421000
72422000

II.2.3)Place of performance

NUTS code: UKN
Main site or place of performance:

Northern Ireland

II.2.4)Description of the procurement:

NIE Networks outsources the delivery of IT, telephony and other telecommunication services. These are provided through managed service contracts with third parties. This includes the operational aspects of Cyber Security.

NIE Networks seeks to appoint a suitably qualified and experienced organisation on framework for the provision of Cyber Security advisors to provide expert advice and support services to the NIE Networks IT Security Officer. This service is to operate independently of the managed service contracts and provide impartial advice and guidance to NIE Networks.

NIE Networks wishes to establish a framework agreement for the services of suitably qualified and experienced supplier to provide these services in NIE Networks Sites and also the IT Managed Service providers’ Data Centre (mainly in the Belfast area).

The successful service provider will provide an estimated 44 days of Cyber Security support per annum. These days will be based on a call- off arrangement by NIE Networks as and when required. The majority of call off days shall be planned in advance with the successful service provider; typically within 2 weeks notice.

The Framework Agreement will comprise the following service areas:

— General Cyber Security advice and guidance for services within the existing NIE Networks managed service contract,

— General Cyber Security advice and guidance external to the managed service contract,

— Support for Cyber Security governance and compliance (such as the NIS Directive),

— Cyber Security strategic and policy development and review,

— Cyber Security and technical advice for NIE Networks SCADA and Operational Telecommunications Networks and Systems,

— Cyber Security advice and support for existing SIEM, SOC services (e.g. emerging technologies and threats such as Cloud Security and mobile solutions),

— Ad hoc guidance and advice on Cyber Security issues that arise,

— Advice and guidance for technical proposals and projects,

— Participate in bi monthly NIE Networks IT Security forums either in person or via telephone conferencing as agreed with the NIE Networks contract manager,

— Provide access to Cyber Security and Computer Forensics services,

— Application Security Testing/Penetration testing,

— Infrastructure health checks,

— Advice and Guidance for User Awareness training and e-training,

— Advice and Guidance for vulnerability scanning and penetration testing,

— Provide vulnerability and penetration testing services,

— Hold monthly meetings with NIE Networks to review progress and tasking including previous monthly spend and agree work program for month ahead.

II.2.5)Award criteria

Price is not the only award criterion and all criteria are stated only in the procurement documents

II.2.6)Estimated value

Value excluding VAT: 650 000.00 GBP

II.2.7)Duration of the contract, framework agreement or dynamic purchasing system

Duration in months: 96
This contract is subject to renewal: yes
Description of renewals:

At the end of the term, the framework arrangement may be subject to retender.

II.2.9)Information about the limits on the number of candidates to be invited

II.2.10)Information about variants

Variants will be accepted: no

II.2.11)Information about options

Options: yes
Description of options:

Each Framework Agreement will be for a period of five (5) years with an option, exercisable entirely at the discretion of the Contracting Entity and subject to the terms of the Framework Agreement, to extend by a further optional period of up to three (3) years, with a total potential duration of eight (8) years.

The Schedule of Rates applicable under any extended period will be subject to agreement between the Contracting Entity and the Economic Operator.

II.2.12)Information about electronic catalogues

Tenders must be presented in the form of electronic catalogues or include an electronic catalogue

II.2.13)Information about European Union funds

The procurement is related to a project and/or programme financed by European Union funds: no
II.2.14)Additional information

Section III: Legal, economic, financial and technical information

III.1)Conditions for participation

III.1.1)Suitability to pursue the professional activity, including requirements relating to enrolment on professional or trade registers

List and brief description of conditions:

Please refer to tender documents

III.1.2)Economic and financial standing

Selection criteria as stated in the procurement documents

III.1.3)Technical and professional ability

Selection criteria as stated in the procurement documents
III.1.4)Objective rules and criteria for participation
III.1.5)Information about reserved contracts
III.1.6)Deposits and guarantees required:
III.1.7)Main financing conditions and payment arrangements and/or reference to the relevant provisions governing them:
III.1.8)Legal form to be taken by the group of economic operators to whom the contract is to be awarded:
III.2)Conditions related to the contract
III.2.1)Information about a particular profession
III.2.2)Contract performance conditions:

III.2.3)Information about staff responsible for the performance of the contract

Obligation to indicate the names and professional qualifications of the staff assigned to performing the contract

Section IV: Procedure

IV.1)Description

IV.1.1)Type of procedure

Negotiated procedure with prior call for competition

IV.1.3)Information about a framework agreement or a dynamic purchasing system

The procurement involves the establishment of a framework agreement
Framework agreement with several operators
Envisaged maximum number of participants to the framework agreement: 2

IV.1.4)Information about reduction of the number of solutions or tenders during negotiation or dialogue

Recourse to staged procedure to gradually reduce the number of solutions to be discussed or tenders to be negotiated
IV.1.6)Information about electronic auction

IV.1.8)Information about the Government Procurement Agreement (GPA)

The procurement is covered by the Government Procurement Agreement: yes
IV.2)Administrative information
IV.2.1)Previous publication concerning this procedure

IV.2.2)Time limit for receipt of tenders or requests to participate

Date: 30/08/2018
Local time: 12:00
IV.2.3)Estimated date of dispatch of invitations to tender or to participate to selected candidates

IV.2.4)Languages in which tenders or requests to participate may be submitted:

English

IV.2.6)Minimum time frame during which the tenderer must maintain the tender

Duration in months: 6 (from the date stated for receipt of tender)
IV.2.7)Conditions for opening of tenders

Section VI: Complementary information

VI.1)Information about recurrence

This is a recurrent procurement: yes

VI.2)Information about electronic workflows

Electronic invoicing will be accepted
VI.3)Additional information:
VI.4)Procedures for review

VI.4.1)Review body

Northern Ireland Electricity Networks Limited
120 Malone Road
Belfast
United Kingdom
E-mail: anna.mcwhirter@nienetworks.co.ukInternet address: www.nienetworks.co.uk
VI.4.2)Body responsible for mediation procedures

VI.4.3)Review procedure

Precise information on deadline(s) for review procedures:

The Contracting Entity will incorporate a minimum 10 calendar day standstill period at the point information on the award of the Framework Agreements is communicated to all Economic Operators. The standstill period provides time for unsuccessful Economic Operators to challenge the award decision before the Framework Agreements are entered into. The Utilities Contracts Regulations 2016 provide for aggrieved parties who have been harmed or are at risk of harm by a breach of the rules to take action in The High Court (Northern Ireland).

VI.4.4)Service from which information about the review procedure may be obtained

High Court of Justice in Northern Ireland
Royal Courts of Justice, Chichester Street
Belfast
BT1 3JY
United Kingdom

VI.5)Date of dispatch of this notice:

02/08/2018

Enjoyed this post? Share it!