Contract notice
Section I: Contracting
authority
I.1) Name and addresses
National Procurement Service (Welsh Government)
T’yr Afon, Bedwas Road
Caerphilly
CF83 8WT
UK
Contact person: ICT Category Team
E-mail: npsictcategoryteam@wales.gsi.gov.uk
NUTS: UKL
Internet address(es)
Main address: http://npswales.gov.uk
Address of the buyer profile: http://www.sell2wales.gov.uk/search/Search_AuthProfile.aspx?ID=AA27760
I.2) Joint procurement
The contract is awarded by a central purchasing body
I.3) Communication
The procurement documents are available for unrestricted and full direct access, free of charge at:
http://www.etenderwales.bravosolution.co.uk/
Additional information can be obtained from the abovementioned address
Tenders or requests to participate must be sent electronically to:
http://www.etenderwales.bravosolution.co.uk/
Electronic communication requires the use of tools and devices that are not generally available. Unrestricted and full direct access to these tools and devices is possible, free of charge, at:
http://www.etenderwales.bravosolution.co.uk/
I.4) Type of the contracting authority
Body governed by public law
I.5) Main activity
Other: Central Purchasing Body
Section II: Object
II.1) Scope of the procurement
II.1.1) Title
NPS - Information Assurance Services Framework
Reference number: NPS–ICT–0052–16
II.1.2) Main CPV code
72000000
II.1.3) Type of contract
Services
II.1.4) Short description
The National Procurement Service (NPS) wishes to establish a Framework Agreement (Agreement) for the supply of Information Assurance Services.
The NPS will deliver ‘All-Wales’ agreements for NPS Members and the Welsh public sector. The list of NPS Members can be found at: http://npswales.gov.uk. This list may be subject to change as members signup to use the NPS, or member orgs are replaced during the life of the agreement.
A full list of Organisations that can utilise this Framework is detailed in Section VI.3 and within the ITT.
Under the terms of this contract the successful suppliers will be required to deliver Community Benefits in support of the authority’s economic and social objectives. Accordingly, contract performance conditions may relate in particular to social and environmental considerations.
Community Benefits will be included as Non-Core and not scored as part of the tender process. Full details are provided in the ITT.
II.1.5) Estimated total value
Value excluding VAT:
12 000 000.00
GBP
II.1.6) Information about lots
This contract is divided into lots:
Yes
Tenders may be submitted for all lots
II.2) Description
Lot No: 1
II.2.1) Title
Lot 1: CESG CHECK accredited IT Health Checks
II.2.2) Additional CPV code(s)
72130000
72150000
72221000
72222000
72222100
72222200
72222300
72223000
72224200
72225000
72315000
72220000
72810000
72820000
II.2.3) Place of performance
NUTS code:
UKL
II.2.4) Description of the procurement
The Supplier must have capability to assess a range of Customers systems and services including;
Network Penetration Test, Network Vulnerability Assessment, Web Application Security Assessment,
Mobile Device Security Assessment, Wireless Security Assessment, Remote Working Assessment.
The Supplier must be identified by CESG as an Accredited Supplier of CHECK services.
Further details can be found in the tender documentation.
II.2.5) Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6) Estimated value
Value excluding VAT:
2 250 000.00
GBP
II.2.7) Duration of the contract, framework agreement or dynamic purchasing system
Duration in months: 48
This contract is subject to renewal: Yes
Description of renewals:
The Agreement will be for a maximum period of up to 4 years, comprising of an initial period of 2 years (the Initial Term) with the option to extend for further periods up to maximum of 2 years.
II.2.9) Information about the limits on the number of candidates to be invited
II.2.10) Information about variants
Variants will be accepted:
No
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
II.2.14) Additional information
A Maximum of 6 Suppliers will be awarded to this Lot.
Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.
Lot No: 2
II.2.1) Title
Lot 2: TIGER Certified Professional Scheme IT Health Checks
II.2.2) Additional CPV code(s)
72000000
72130000
72150000
72221000
72222000
72222100
72222200
72222300
72223000
72224200
72225000
72220000
72810000
72820000
II.2.3) Place of performance
NUTS code:
UKL
II.2.4) Description of the procurement
The Supplier must have capability to assess a range of Customers systems and services including:
Network Penetration Test, Network Vulnerability Assessment, Web Application Security Assessment,
Mobile Device Security Assessment, Wireless Security Assessment, Remote Working Assessment.
The Supplier must be identified as an Approved and Certified TIGER Supplier.
Further details can be found in the tender documentation.
II.2.5) Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6) Estimated value
Value excluding VAT:
1 500 000.00
GBP
II.2.7) Duration of the contract, framework agreement or dynamic purchasing system
Duration in months: 48
This contract is subject to renewal: Yes
Description of renewals:
The Agreement will be for a maximum period of up to 4 years, comprising of an initial period of 2 years (the Initial Term) with the option to extend for further periods up to maximum of 2 years.
II.2.9) Information about the limits on the number of candidates to be invited
II.2.10) Information about variants
Variants will be accepted:
No
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
II.2.14) Additional information
A Maximum of 5 Suppliers will be awarded to this Lot.
Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.
Lot No: 3
II.2.1) Title
Lot 3: CREST Certified Professional Scheme IT Health Checks
II.2.2) Additional CPV code(s)
72000000
72130000
72150000
72220000
72221000
72222000
72222200
72222100
72222300
72223000
72224200
72225000
72810000
72820000
II.2.3) Place of performance
NUTS code:
UKL
II.2.4) Description of the procurement
The Supplier must have capability to assess a range of Customers systems and services including:
Network Penetration Test, Network Vulnerability Assessment, Web Application Security Assessment,
Mobile Device Security Assessment, Wireless Security Assessment, Remote Working Assessment.
The Supplier must be identified as an Approved and Certified CREST Supplier.
Further details can be found in the tender documentation.
II.2.5) Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6) Estimated value
Value excluding VAT:
1 500 000.00
GBP
II.2.7) Duration of the contract, framework agreement or dynamic purchasing system
Duration in months: 48
This contract is subject to renewal: Yes
Description of renewals:
The Agreement will be for a maximum period of up to 4 years, comprising of an initial period of 2 years (the Initial Term) with the option to extend for further periods up to maximum of 2 years.
II.2.9) Information about the limits on the number of candidates to be invited
II.2.10) Information about variants
Variants will be accepted:
No
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
II.2.14) Additional information
A Maximum of 5 Suppliers will be awarded to this Lot.
Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.
Lot No: 4
II.2.1) Title
Lot 4: CESG Certified Professional Scheme Security Assurance (other than Penetration testing)
II.2.2) Additional CPV code(s)
72000000
72130000
72150000
72221000
72222000
72222200
72222300
72223000
72224200
72225000
72222100
72220000
72810000
72820000
II.2.3) Place of performance
NUTS code:
UKL
II.2.4) Description of the procurement
The objective of this Lot is to provide Customers with access to CESG Certified professional Scheme Information Assurance (IA) professionals to provide guidance that is consistent with the latest CESG protocols.
The criticality of the security advice is dependent on the expertise and knowledge of the Supplier’s staff is such that;
- the company and nominated individuals must be listed by a CESG accreditation body.
- at least one member of the Company's staff must demonstrate that they meet the criteria to be assessed as a Senior/Lead Practitioner in the required discipline.
- all other non-assessed members of the team will be required to be associate CESG members.
II.2.5) Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6) Estimated value
Value excluding VAT:
2 250 000.00
GBP
II.2.7) Duration of the contract, framework agreement or dynamic purchasing system
Duration in months: 48
This contract is subject to renewal: Yes
Description of renewals:
1.1.4 The Agreement will be for a maximum period of up to 4 years, comprising of an initial period of 2 years (the Initial Term) with the option to extend for further periods up to maximum of 2 years.
II.2.9) Information about the limits on the number of candidates to be invited
II.2.10) Information about variants
Variants will be accepted:
No
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
II.2.14) Additional information
A Maximum of 6 Suppliers will be awarded to this Lot.
Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.
Lot No: 5
II.2.1) Title
Lot 5: Payment Card Industry Approved Scanning Vendors
II.2.2) Additional CPV code(s)
72000000
72130000
72150000
72221000
72222000
72222100
72222200
72222300
72223000
72224200
72225000
72200000
72810000
72820000
II.2.3) Place of performance
NUTS code:
UKL
II.2.4) Description of the procurement
The Supplier must have capability to validate adherence to Data Security Standards by performing vulnerability scans of the external facing environments of customers’ networks.
The Supplier must be identified as an Approved Scanning Vendor (ASV) by the Payment Card Industry Security Standards Council.
The test team must have sufficient experience to undertake the Service and comprise the necessary mix of expertise for the component technologies of the Customer systems.
II.2.5) Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6) Estimated value
Value excluding VAT:
1 500 000.00
GBP
II.2.7) Duration of the contract, framework agreement or dynamic purchasing system
Duration in months: 48
This contract is subject to renewal: Yes
Description of renewals:
The Agreement will be for a maximum period of up to 4 years, comprising of an initial period of 2 years (the Initial Term) with the option to extend for further periods up to maximum of 2 years.
II.2.9) Information about the limits on the number of candidates to be invited
II.2.10) Information about variants
Variants will be accepted:
No
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
II.2.14) Additional information
A Maximum of 3 Suppliers will be awarded to this Lot.
Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.
Lot No: 6
II.2.1) Title
Lot 6: Payment Card Industry Security Standards Council accredited - Qualified Security Assessor
II.2.2) Additional CPV code(s)
72000000
72130000
72150000
72220000
72221000
72222000
72222100
72222200
72222300
72224200
72225000
72223000
72810000
72820000
II.2.3) Place of performance
NUTS code:
UKL
II.2.4) Description of the procurement
The objective of the Qualified Security Assessor (QSA) LOT is to provide Customer with access to Payment Card Industry Security Standards Council accredited professionals to provide guidance and validate an organisation’s adherence to the Payment Card Industry Data Security Standards (PCI DSS).
Security Assessors must have current certification issued by PCI Security Standards Council and be employees of a Qualified Security Assessor (QSA) company qualified by PCI Security Standards Council.
II.2.5) Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6) Estimated value
Value excluding VAT:
1 500 000.00
GBP
II.2.7) Duration of the contract, framework agreement or dynamic purchasing system
Duration in months: 48
This contract is subject to renewal: Yes
Description of renewals:
The Agreement will be for a maximum period of up to 4 years, comprising of an initial period of 2 years (the Initial Term) with the option to extend for further periods up to maximum of 2 years.
II.2.9) Information about the limits on the number of candidates to be invited
II.2.10) Information about variants
Variants will be accepted:
No
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
II.2.14) Additional information
A Maximum of 6 Suppliers will be awarded to this Lot.
Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.
Lot No: 7
II.2.1) Title
Lot 7: Cyber Essentials
II.2.2) Additional CPV code(s)
72000000
72130000
72150000
72220000
72221000
72222000
72222100
72222200
72222300
72223000
72224200
72225000
72810000
72820000
II.2.3) Place of performance
NUTS code:
UKL
II.2.4) Description of the procurement
The objective of the LOT is to provide Customers with access to Cyber Essential certifiers to provide guidance and validate an organisation’s adherence to Cyber Essentials and Cyber Essentials Plus requirements.
Assessors must have current certification issued by a CESG approved Accreditation Body.
II.2.5) Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6) Estimated value
Value excluding VAT:
1 500 000.00
GBP
II.2.7) Duration of the contract, framework agreement or dynamic purchasing system
Duration in months: 48
This contract is subject to renewal: Yes
Description of renewals:
The Agreement will be for a maximum period of up to 4 years, comprising of an initial period of 2 years (the Initial Term) with the option to extend for further periods up to maximum of 2 years.
II.2.9) Information about the limits on the number of candidates to be invited
II.2.10) Information about variants
Variants will be accepted:
No
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
II.2.14) Additional information
A Maximum of 6 Suppliers will be awarded to this Lot.
Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.
Section III: Legal, economic, financial and technical information
III.1) Conditions for participation
III.1.1) Suitability to pursue the professional activity, including requirements relating to enrolment on professional or trade registers
List and brief description of conditions:
Lot specific suitability requirements are set within the tender documentation.
III.1.2) Economic and financial standing
List and brief description of selection criteria:
As set out in the Tender Documentation.
The awarding authority reserves the right to request parent company and/or other guarantees of performance and financial liability.
III.1.3) Technical and professional ability
List and brief description of selection criteria:
Details will be listed in the invitation to tender documentation.
III.2) Conditions related to the contract
III.2.2) Contract performance conditions
Refer to tender documentation.
III.2.3) Information about staff responsible for the performance of the contract
Obligation to indicate the names and professional qualifications of the staff assigned to performing the contract
Section IV: Procedure
IV.1) Description
IV.1.1) Type of procedure
Open procedure
IV.1.3) Information about a framework agreement or a dynamic purchasing system
The procurement involves the establishment of a framework agreement with several operators.
Envisaged maximum number of participants to the framework agreement: 37
IV.1.8) Information about Government Procurement Agreement (GPA)
The procurement is covered by the Government Procurement Agreement:
Yes
IV.2) Administrative information
IV.2.1) Previous publication concerning this procedure
Notice number in the OJ S:
2014/S 167-297928
IV.2.2) Time limit for receipt of tenders or requests to participate
Date:
08/06/2016
Local time: 14:00
IV.2.4) Languages in which tenders or requests to participate may be submitted
EN
CY
IV.2.6) Minimum time frame during which the tenderer must maintain the tender
Duration in months: 4 (from the date stated for receipt of tender)
IV.2.7) Conditions for opening of tenders
Date:
08/06/2016
Local time: 14:30
Section VI: Complementary information
VI.1) Information about recurrence
This is a recurrent procurement:
No
VI.3) Additional information
The Agreement will be open for use by the following Orgs within Wales:
-Welsh Ministers, their agencies, sponsored and statutory bodies and other contracting authorities funded by them, whether or not they operate independently of Welsh Ministers
-The Welsh Assembly Commission
-Any company, limited liability partnership or other corporate entity wholly or partly owned by or controlled (directly or indirectly) by Welsh Government
-UK Government, their agencies, companies and limited liability partnerships or other corporate entities, wholly or partly owned by or controlled by departments of the UK Government and which operate in Wales
-Non-ministerial governmental departments which operate devolved offices in Wales
-Local Authorities in Wales their agencies, companies and limited liability partnerships or other corporate entities wholly or partly owned by or controlled by and any county and county borough, city, community or other council or local authority in Wales
-Contracting authorities established for the provision of culture, media and sport in Wales
-NHS Health Boards in Wales, NHS Trusts in Wales, Special Health Authorities in Wales, Community Health Councils in Wales, the NHS Wales Shared Services Partnership and Board of Community Health Councils and any other contracting authorities operating within or on behalf of the NHS in Wales
-Higher and further education bodies in Wales, including colleges, community colleges and universities, WEA Cymru and Colleges Wales
-Police and crime commissioners and police forces in Wales; national park, and fire and rescue authorities in Wales
-Wales Council for Voluntary Action and those associated charities and voluntary organisations
-Citizen Advice Bureaux in Wales
-Registered social landlords on the register maintained by Welsh Government
-Schools, sixth-form colleges, foundation schools and academies in Wales (but not independent schools)
-HM Inspectorate of Schools in Wales (Estyn)
-One Voice Wales (Town & Community Councils) and town & community councils in Wales
-Tribunals administered by Her Majesty’s Courts and Tribunals Service acting as the Executive Agency of the Ministry of Justice (and which operate in Wales)
-Tribunals listed under the Administrative Justice and Tribunals Council (Listed Tribunals) (Wales) Order 2007 and any other tribunals that deal with devolved subject matter or are sponsored by the Welsh Assembly Government or Welsh Local Authorities
-Where applicable, the above shall include subsidiaries of the contracting authority at any level.
In the event of merger, abolition or change of any of the contracting authorities listed or referred to above, the successors to those authorities or to their functions will also be able to enter into specific contracts under this framework.
ITT documentation can be accessed via: https://etenderwales.bravosolution.co.uk
Etender references:
Project_32718 - NPS - Information Assurance Services.
itt_53078 - Community Benefits Submissions
itt_52911 - Qualification Questionnaire
itt_52914 - Generic Questions
itt_52915 Lot 1,itt_52917 Lot 2,itt_52918 Lot 3,itt_52919 Lot 4,itt_52920 Lot 5,itt_52921 Lot 6,itt_54114 Lot 7.
If you are seeking help on using the etenderwales system please email help@bravosolution.co.uk or call 08003684852.
If you require documentation in an alternative format, please use the ‘Messages’ area to contact NPS, who will be able to provide a more suitable format.
The Welsh Ministers (NPS) will not be liable for any bidder costs arising from the non award of this framework.
(WA Ref:40493)
VI.4) Procedures for review
VI.4.1) Review body
National Procurement Service (Welsh Government)
T’yr Afon, Bedwas Road
Caerphilly
CF83 8WT
UK
Telephone: +44 3007900170
Internet address(es)
URL: http://npswales.gov.uk
VI.5) Date of dispatch of this notice
05/05/2016