Provision of Annual Security (Penetration) Testing

Security testing that is automated or requires minimal specialist skills (such as port scanning) should be provided in advance to Ofgem’s IT department. This will allow the supplier to focus on more extensive and detailed testing.Reference number:

Deadline date:28/06/2013

This deadline is for… Notice deadline.

Contract value:£0 – £0

Location where the contract is to be carried out: United Kingdom 9 Milbank, London SW1P 3GE

Is this suitable for smaller suppliers? Yes

Is this contract suitable for a voluntary, community and social enterprise organisations? No

Name of the buying organisation: Ofgem

Original source URL http://www.mytenders.org/search/search_switch.aspx?ID=105816

Description of the contract

Tenderers are invited to consider to address the following requirements as detailed in the ITT.

-Security testing that is automated or requires minimal specialist skills (such as port scanning) should be provided in advance to Ofgem’s IT department. This will allow the supplier to focus on more extensive and detailed testing. The analysis of all testing results and specialised security testing will still need to be completed by tenderers.

-Please note that vulnerability management/patch management software is installed and regularly reporting on the patch state of the corporate and external server environment. Cascade or compound failure scenarios of installed security enforcing devices/measures according to their patch state or configuration will be considered of greater value.

-A Penetration test on our internet facing nodes, including our publicly accessible applications.

-A full corporate domain penetration test (two Windows server build configurations)

-A full application test of the SharePoint 2010 installation

-VPN gateway penetration test

-Options for Social engineering testing, including phishing awareness campaigns

-Vulnerability report which includes detailed actions or recommendations.

-A recommendation of suitable measures which Ofgem should implement to ensure ongoing security of its infrastructure.

(MT Ref:105816)

Documents

ITT for Annual Security Penetration Test 2013 FINAL (http://www.mytenders.org/search/search_switch.aspx?ID=105816)

Classification of the contract

72254000 Software testing

72226000 System software acceptance testing consultancy services

Additional information

Contract type: Services – Unspecified

Is it a framework agreement? No

Is this contract related to a programme of funding? No

Contract will be awarded based on: Most economically advantageous tender in terms of: The criteria stated in the contract documents

Estimated length of contract: 15/07/2013 – 15/11/2013

Who to contact

Contact name Dorothy Eke

Organisation name Ofgem

Address 9 Millbank, Procurement Team, London, GB, SW1P 3GE

Telephone +44 2079017000

Extension number:

Fax

Web address http://www.ofgem.gov.uk

How to apply

For further information please review the full notice details at http://www.mytenders.org/search/search_switch.aspx?ID=105816