Welsh Government Information Assurance Services Framework

National Procurement Service (Welsh Government)
T’yr Afon, Bedwas Road
Caerphilly
CF83 8WT
UNITED KINGDOM
Contact person: ICT Category Team
E-mail: npsictcategoryteam@wales.gsi.gov.uk
NUTS code: UKL

Internet address(es):Main address: http://npswales.gov.uk

Address of the buyer profile: http://www.sell2wales.gov.uk/search/Search_AuthProfile.aspx?ID=AA27760

The contract is awarded by a central purchasing body

The procurement documents are available for unrestricted and full direct access, free of charge, at: http://www.etenderwales.bravosolution.co.uk/

Additional information can be obtained from the abovementioned address

Tenders or requests to participate must be submitted electronically via: http://www.etenderwales.bravosolution.co.uk/

Electronic communication requires the use of tools and devices that are not generally available. Unrestricted and full direct access to these tools and devices is possible, free of charge, at: http://www.etenderwales.bravosolution.co.uk/

Body governed by public law

Other activity: central purchasing body

NPS — Information Assurance Services Framework.

Reference number: NPS–ICT–0052–16

Services

The National Procurement Service (NPS) wishes to establish a Framework Agreement (Agreement) for the supply of Information Assurance Services.

The NPS will deliver ‘All-Wales’ agreements for NPS Members and the Welsh public sector. The list of NPS Members can be found at:http://npswales.gov.uk This list may be subject to change as members sign-up to use the NPS, or member orgs are replaced during the life of the agreement.

A full list of Organisations that can utilise this Framework is detailed in Section VI.3) and within the ITT.

Under the terms of this contract the successful suppliers will be required to deliver Community Benefits in support of the authority’s economic and social objectives. Accordingly, contract performance conditions may relate in particular to social and environmental considerations.

Community Benefits will be included as Non-Core and not scored as part of the tender process. Full details are provided in the ITT.

Value excluding VAT: 12 000 000.00 GBP

This contract is divided into lots: yes

Tenders may be submitted for all lots

Lot 1: CESG CHECK accredited IT Health Checks

Lot No: 1

NUTS code: UKL

The Supplier must have capability to assess a range of Customers systems and services including;

Network Penetration Test, Network Vulnerability Assessment, Web Application Security Assessment,

Mobile Device Security Assessment, Wireless Security Assessment, Remote Working Assessment.

The Supplier must be identified by CESG as an Accredited Supplier of CHECK services.

Further details can be found in the tender documentation.

Price is not the only award criterion and all criteria are stated only in the procurement documents

Value excluding VAT: 2 250 000.00 GBP

Duration in months: 48

This contract is subject to renewal: yes

Description of renewals:

The Agreement will be for a maximum period of up to 4 years, comprising of an initial period of 2 years (the Initial Term) with the option to extend for further periods up to maximum of 2 years.

Variants will be accepted: no

Options: no

The procurement is related to a project and/or programme financed by European Union funds: no

A Maximum of 6 Suppliers will be awarded to this Lot.

Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.

Lot 2: TIGER Certified Professional Scheme IT Health Checks

Lot No: 2

NUTS code: UKL

The Supplier must have capability to assess a range of Customers systems and services including:

Network Penetration Test, Network Vulnerability Assessment, Web Application Security Assessment,

Mobile Device Security Assessment, Wireless Security Assessment, Remote Working Assessment.

The Supplier must be identified as an Approved and Certified TIGER Supplier.

Further details can be found in the tender documentation.

Price is not the only award criterion and all criteria are stated only in the procurement documents

Value excluding VAT: 1 500 000.00 GBP

Duration in months: 48

This contract is subject to renewal: yes

Description of renewals:

The Agreement will be for a maximum period of up to 4 years, comprising of an initial period of 2 years (the Initial Term) with the option to extend for further periods up to maximum of 2 years.

Variants will be accepted: no

Options: no

The procurement is related to a project and/or programme financed by European Union funds: no

A Maximum of 5 Suppliers will be awarded to this Lot.

Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.

Lot 3: CREST Certified Professional Scheme IT Health Checks

Lot No: 3

NUTS code: UKL

The Supplier must have capability to assess a range of Customers systems and services including:

Network Penetration Test, Network Vulnerability Assessment, Web Application Security Assessment,

Mobile Device Security Assessment, Wireless Security Assessment, Remote Working Assessment.

The Supplier must be identified as an Approved and Certified CREST Supplier.

Further details can be found in the tender documentation.

Price is not the only award criterion and all criteria are stated only in the procurement documents

Value excluding VAT: 1 500 000.00 GBP

Duration in months: 48

This contract is subject to renewal: yes

Description of renewals:

The Agreement will be for a maximum period of up to 4 years, comprising of an initial period of 2 years (the Initial Term) with the option to extend for further periods up to maximum of 2 years.

Variants will be accepted: no

Options: no

The procurement is related to a project and/or programme financed by European Union funds: no

A Maximum of 5 Suppliers will be awarded to this Lot.

Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.

Lot 4: CESG Certified Professional Scheme Security Assurance (other than Penetration testing)

Lot No: 4

NUTS code: UKL

The objective of this Lot is to provide Customers with access to CESG Certified professional Scheme Information Assurance (IA) professionals to provide guidance that is consistent with the latest CESG protocols.

The criticality of the security advice is dependent on the expertise and knowledge of the Supplier’s staff is such that;

— the company and nominated individuals must be listed by a CESG accreditation body.

— at least one member of the Company’s staff must demonstrate that they meet the criteria to be assessed as a Senior/Lead Practitioner in the required discipline.

— all other non-assessed members of the team will be required to be associate CESG members.

Price is not the only award criterion and all criteria are stated only in the procurement documents

Value excluding VAT: 2 250 000.00 GBP

Duration in months: 48

This contract is subject to renewal: yes

Description of renewals:

1.1.4 The Agreement will be for a maximum period of up to 4 years, comprising of an initial period of 2 years (the Initial Term) with the option to extend for further periods up to maximum of 2 years.

Variants will be accepted: no

Options: no

The procurement is related to a project and/or programme financed by European Union funds: no

A Maximum of 6 Suppliers will be awarded to this Lot.

Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.

Lot 5: Payment Card Industry Approved Scanning Vendors

Lot No: 5

NUTS code: UKL

The Supplier must have capability to validate adherence to Data Security Standards by performing vulnerability scans of the external facing environments of customers’ networks.

The Supplier must be identified as an Approved Scanning Vendor (ASV) by the Payment Card Industry Security Standards Council.

The test team must have sufficient experience to undertake the Service and comprise the necessary mix of expertise for the component technologies of the Customer systems.

Price is not the only award criterion and all criteria are stated only in the procurement documents

Value excluding VAT: 1 500 000.00 GBP

Duration in months: 48

This contract is subject to renewal: yes

Description of renewals:

The Agreement will be for a maximum period of up to 4 years, comprising of an initial period of 2 years (the Initial Term) with the option to extend for further periods up to maximum of 2 years.

Variants will be accepted: no

Options: no

The procurement is related to a project and/or programme financed by European Union funds: no

A Maximum of 3 Suppliers will be awarded to this Lot.

Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.

Lot 6: Payment Card Industry Security Standards Council accredited — Qualified Security Assessor

Lot No: 6

NUTS code: UKL

The objective of the Qualified Security Assessor (QSA) Lot is to provide Customer with access to Payment Card Industry Security Standards Council accredited professionals to provide guidance and validate an organisation’s adherence to the Payment Card Industry Data Security Standards (PCI DSS).

Security Assessors must have current certification issued by PCI Security Standards Council and be employees of a Qualified Security Assessor (QSA) company qualified by PCI Security Standards Council.

Price is not the only award criterion and all criteria are stated only in the procurement documents

Value excluding VAT: 1 500 000.00 GBP

Duration in months: 48

This contract is subject to renewal: yes

Description of renewals:

The Agreement will be for a maximum period of up to 4 years, comprising of an initial period of 2 years (the Initial Term) with the option to extend for further periods up to maximum of 2 years.

Variants will be accepted: no

Options: no

The procurement is related to a project and/or programme financed by European Union funds: no

A Maximum of 6 Suppliers will be awarded to this Lot.

Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.

Lot 7: Cyber Essentials

Lot No: 7

NUTS code: UKL

The objective of the LOT is to provide Customers with access to Cyber Essential certifiers to provide guidance and validate an organisation’s adherence to Cyber Essentials and Cyber Essentials Plus requirements.

Assessors must have current certification issued by a CESG approved Accreditation Body.

Price is not the only award criterion and all criteria are stated only in the procurement documents

Value excluding VAT: 1 500 000.00 GBP

Duration in months: 48

This contract is subject to renewal: yes

Description of renewals:

The Agreement will be for a maximum period of up to 4 years, comprising of an initial period of 2 years (the Initial Term) with the option to extend for further periods up to maximum of 2 years.

Variants will be accepted: no

Options: no

The procurement is related to a project and/or programme financed by European Union funds: no

A Maximum of 6 Suppliers will be awarded to this Lot.

Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.

List and brief description of conditions:

Lot specific suitability requirements are set within the tender documentation.

List and brief description of selection criteria:

As set out in the Tender Documentation.

The awarding authority reserves the right to request parent company and/or other guarantees of performance and financial liability.

List and brief description of selection criteria:

Details will be listed in the invitation to tender documentation.

Refer to tender documentation.

Obligation to indicate the names and professional qualifications of the staff assigned to performing the contract

Open procedure

The procurement involves the establishment of a framework agreement

Framework agreement with several operators

Envisaged maximum number of participants to the framework agreement: 37

The procurement is covered by the Government Procurement Agreement: yes

Notice number in the OJ S: 2014/S 167-297928

Date: 08/06/2016

Local time: 14:00

English, Welsh

Duration in months: 4 (from the date stated for receipt of tender)

Date: 08/06/2016

Local time: 14:30

This is a recurrent procurement: no

The Agreement will be open for use by the following Orgs within Wales:

— Welsh Ministers, their agencies, sponsored and statutory bodies and other contracting authorities funded by them, whether or not they operate independently of Welsh Ministers

— The Welsh Assembly Commission

— Any company, limited liability partnership or other corporate entity wholly or partly owned by or controlled (directly or indirectly) by Welsh Government

— UK Government, their agencies, companies and limited liability partnerships or other corporate entities, wholly or partly owned by or controlled by departments of the UK Government and which operate in Wales

— Non-ministerial governmental departments which operate devolved offices in Wales

— Local Authorities in Wales their agencies, companies and limited liability partnerships or other corporate entities wholly or partly owned by or controlled by and any county and county borough, city, community or other council or local authority in Wales

— Contracting authorities established for the provision of culture, media and sport in Wales

— NHS Health Boards in Wales, NHS Trusts in Wales, Special Health Authorities in Wales, Community Health Councils in Wales, the NHS Wales Shared Services Partnership and Board of Community Health Councils and any other contracting authorities operating within or on behalf of the NHS in Wales

— Higher and further education bodies in Wales, including colleges, community colleges and universities, WEA Cymru and Colleges Wales

— Police and crime commissioners and police forces in Wales; national park, and fire and rescue authorities in Wales

— Wales Council for Voluntary Action and those associated charities and voluntary organisations

— Citizen Advice Bureaux in Wales

— Registered social landlords on the register maintained by Welsh Government

— Schools, sixth-form colleges, foundation schools and academies in Wales (but not independent schools)

— HM Inspectorate of Schools in Wales (Estyn)

— One Voice Wales (Town & Community Councils) and town & community councils in Wales

— Tribunals administered by Her Majesty’s Courts and Tribunals Service acting as the Executive Agency of the Ministry of Justice (and which operate in Wales)

— Tribunals listed under the Administrative Justice and Tribunals Council (Listed Tribunals) (Wales) Order 2007 and any other tribunals that deal with devolved subject matter or are sponsored by the Welsh Assembly Government or Welsh Local Authorities

— Where applicable, the above shall include subsidiaries of the contracting authority at any level.

In the event of merger, abolition or change of any of the contracting authorities listed or referred to above, the successors to those authorities or to their functions will also be able to enter into specific contracts under this framework.

ITT documentation can be accessed via: https://etenderwales.bravosolution.co.uk

Etender references:

Project_32718 — NPS — Information Assurance Services.

itt_53078 — Community Benefits Submissions

itt_52911 — Qualification Questionnaire

itt_52914 — Generic Questions

itt_52915 Lot 1,itt_52917 Lot 2,itt_52918 Lot 3,itt_52919 Lot 4,itt_52920 Lot 5,itt_52921 Lot 6,itt_54114 Lot 7.

If you are seeking help on using the etenderwales system please email help@bravosolution.co.uk or call 08003684852.

If you require documentation in an alternative format, please use the ‘Messages’ area to contact NPS, who will be able to provide a more suitable format.

The Welsh Ministers (NPS) will not be liable for any bidder costs arising from the non award of this framework.

Note: the authority is using eTenderwales to carry out this procurement process. To obtain further information record your interest on Sell2Wales athttp://www.sell2wales.gov.wales/search/search_switch.aspx?ID=40493

(WA Ref:40493).

National Procurement Service (Welsh Government)
T’yr Afon, Bedwas Road
Caerphilly
CF83 8WT
UNITED KINGDOM
Telephone: +44 3007900170Internet address:http://npswales.gov.uk

05/05/2016