The buyer is not using this website to administer the notice.

To record your interest or obtain additional information or documents please find instructions within the Full Notice Text. (NOTE: Contract Award Notices and Prior Information Notices do not normally require a response)

Summary

OCID:: ocds-h6vhtk-0699b5
Published by:: Home Office
Authority ID:: AA76013
Publication date:: 16 May 2026
Deadline date:: -
Notice type:: Prior Information Notice
Has documents:: No
Has SPD:: No
Has Carbon Reduction Plan:: N/A

Abstract

The Home Office Airwave Security Team intends to re-procure the Technical Assurance and Security Architecture Services that will manage the end-to-end encrypted solution for specialist users as well as the interconnect solution between the Airwave service and the developing Emergency Services Network (ESN).

Full notice text

Prior information notice

This notice is for prior information only

Section I: Contracting authority

I.1) Name and addresses

Home Office

2 Marsham Street

London

SW1P 4DF

Contact person: Adam Griffiths

E-mail: Adam.griffiths1@homeoffice.gov.uk

NUTS: UK

Internet address(es)

Main address: https://www.gov.uk/government/organisations/home-office

I.3) Communication

Additional information can be obtained from the abovementioned address

I.4) Type of the contracting authority

Ministry or any other national or federal authority, including their regional or local subdivisions

I.5) Main activity

Public order and safety

Section II: Object

II.1) Scope of the procurement

II.1.1) Title

Provision of Airwave Technical Assurance and Security Architecture Services (Information Assurance) for ESMCP

Reference number: project_19768

II.1.2) Main CPV code

72220000

II.1.3) Type of contract

Services

II.1.4) Short description

II.1.5) Estimated total value

Value excluding VAT: 3 054 540.00 GBP

II.1.6) Information about lots

This contract is divided into lots: No

II.2) Description

II.2.2) Additional CPV code(s)

32510000

II.2.3) Place of performance

NUTS code:

II.2.4) Description of the procurement

The Home office are re-procuring the Technical Assurance and Security Architecture Services. Estimated date for release of tender is late June 2026

The requirement will be procured through the Government Commercial Agency's Cyber Security Services 3 (DPS) RM3764.3

_____________________________________________________________________________________________________________________

Suppliers will need to be registered to the RM3764.3 DPS and be identifiable against the following DPS filters in order to be invited to the tender exercise:

NCSC Assured Services, Cyber Resilience Audit, Audit and Review, Cyber Essentials Plus, Clearance: Security Check, NPPV (Non-Police Personnel Vetting), ISO 27001, Networks, Database, Internet, Cloud, Communications, Government, Critical National Infrastructure, Police, Ambulance, Fire Services, Coast Guard

“No Preference” to all other filters.

______________________________________________________________________________________________________________________

Home Office is not responsible for supplier registration. Suppliers will need to contact the Government Commercial Agency and follow its guidance. Suggested links:

Government Commercial Agency website:

www.gca.gov.uk

Become a supplier on a Dynamic Purchasing System:

www.gca.gov.uk/how-to-supply/dynamic-purchasing-system-dps

Link to Cyber Security Services 3 DPS:

https://supplierregistration.cabinetoffice.gov.uk/dps/RM3764.3?nav=0

In addition to registering to the DPS, the tender itself will be run using the Home Office's tender portal (https://homeoffice.app.jaggaer.com/web/login.html) suppliers will need to register to it. Instruction appends the front page to this portal.

Overview of requirements

The indicative scope of work includes, but not limited to, the following Airwave activities:

1. Provision of independent technical assurance across the Airwave end‑to‑end ecosystem, including TETRA radio services, bearer and transport technologies, and interfaces with ESN and other interconnected systems. This includes assessing availability, capacity, performance, and resilience impacts arising from proposed or implemented changes

2. Understanding encryption algorithms (note: we use TEA2 and AES), lifecycle considerations, and associated cryptographic service models

3. Assessment of customer element architectures, control room environments, gateways, clusters, and high‑impact modifications (e.g. CE refresh or site changes), with a focus on identifying security risks, operational impacts, and emerging dependencies

4. Structured review and assessment of users and suppliers technical submissions, including designs, configuration artefacts, test plans, and assurance or accreditation evidence. This includes identifying security gaps, vulnerabilities, or weaknesses across radio, cryptographic, network, and interworking solutions

5. Production, review, and maintenance of security cases, risk assessments, assurance reports, and risk treatment recommendations. The service includes providing clear, evidence‑based input to governance and decision‑making forums supporting Airwave service continuity and transition activities.

6. Assessment of Airwave‑related services and changes against relevant national and industry frameworks and standards, including the HMG Security Policy Framework, NCSC CAF and Principles‑Based Assurance, ETSI standards, TEA requirements, and recognised risk assessment methodologies.

7. Evaluation of risks associated with data hosting, data residency, and any offshoring proposals linked to Airwave services or supporting environments. This includes assessing legal, regulatory, operational, jurisdictional, and national security risks, and providing objective recommendations aligned with government policy and classification requirements.

II.2.14) Additional information

8. Support to the investigation and triage of security‑related incidents affecting Airwave, including cryptographic issues, configuration anomalies, or suspected misuse. This includes assessing operational impact, interpreting threat or vulnerability intelligence, and supporting follow‑up actions in coordination with relevant stakeholders.

II.3) Estimated date of publication of contract notice:

22/06/2026

Section IV: Procedure

IV.1) Description

IV.1.8) Information about Government Procurement Agreement (GPA)

The procurement is covered by the Government Procurement Agreement: Yes

Section VI: Complementary information

VI.3) Additional information

If your organisation fits the procurement criteria set out in the description and would like to register your interest or have any questions for this opportunity please contact Adam.griffiths1@homeoffice.gov.uk.

VI.5) Date of dispatch of this notice

15/05/2026

Coding

Commodity categories

ID	Title	Parent category
72220000	Systems and technical consultancy services	Software programming and consultancy services
32510000	Wireless telecommunications system	Telecommunications equipment and supplies

Delivery locations

ID	Description
100	UK - All

Alert region restrictions

The buyer has restricted the alert for this notice to suppliers based in the following regions.

ID	Description
There are no alert restrictions for this notice.

About the buyer

Main contact:: Adam.griffiths1@homeoffice.gov.uk
Admin contact:: N/a
Technical contact:: N/a
Other contact:: N/a

Further information

Date	Details
No further information has been uploaded.