Contract award notice
Results of the procurement procedure
Section I: Contracting
authority
I.1) Name and addresses
National Procurement Service (Welsh Government)
T’yr Afon, Bedwas Road
Caerphilly
CF83 8WT
UK
Contact person: ICT Category Team
E-mail: npsictcategoryteam@wales.gsi.gov.uk
NUTS: UKL
Internet address(es)
Main address: http://npswales.gov.uk
Address of the buyer profile: http://www.sell2wales.gov.uk/search/Search_AuthProfile.aspx?ID=AA27760
I.2) Joint procurement
The contract is awarded by a central purchasing body
I.4) Type of the contracting authority
Body governed by public law
I.5) Main activity
Other: Central Purchasing Body
Section II: Object
II.1) Scope of the procurement
II.1.1) Title
NPS - Information Assurance Services Framework
Reference number: NPS–ICT–0052–16
II.1.2) Main CPV code
72000000
II.1.3) Type of contract
Services
II.1.4) Short description
The National Procurement Service (NPS) wishes to establish a Framework Agreement (Agreement) for the supply of Information Assurance Services.
The NPS will deliver ‘All-Wales’ agreements for NPS Members and the Welsh public sector. The list of NPS Members can be found at: http://npswales.gov.uk. This list may be subject to change as members signup to use the NPS, or member orgs are replaced during the life of the agreement.
A full list of Organisations that can utilise this Framework is detailed in Section VI.3 and within the ITT.
Under the terms of this contract the successful suppliers will be required to deliver Community Benefits in support of the authority’s economic and social objectives. Accordingly, contract performance conditions may relate in particular to social and environmental considerations.
Community Benefits will be included as Non-Core and not scored as part of the tender process. Full details are provided in the ITT.
II.1.6) Information about lots
This contract is divided into lots:
Yes
II.2) Description
Lot No: 1
II.2.1) Title
Lot 1: CESG CHECK accredited IT Health Checks
II.2.2) Additional CPV code(s)
72130000
72150000
72221000
72222000
72222100
72222200
72222300
72223000
72224200
72225000
72315000
72220000
72810000
72820000
II.2.3) Place of performance
NUTS code:
UKL
II.2.4) Description of the procurement
The Supplier must have capability to assess a range of Customers systems and services including;
Network Penetration Test, Network Vulnerability Assessment, Web Application Security Assessment,
Mobile Device Security Assessment, Wireless Security Assessment, Remote Working Assessment.
The Supplier must be identified by CESG as an Accredited Supplier of CHECK services.
Further details can be found in the tender documentation.
II.2.5) Award criteria
Quality criterion: Technical
/ Weighting: 60%
Cost criterion: Commercial
/ Weighting: 40%
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
II.2.14) Additional information
A Maximum of 6 Suppliers will be awarded to this Lot.
Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.
Lot No: 2
II.2.1) Title
Lot 2: TIGER Certified Professional Scheme IT Health Checks
II.2.2) Additional CPV code(s)
72000000
72130000
72150000
72221000
72222000
72222100
72222200
72222300
72223000
72224200
72225000
72220000
72810000
72820000
II.2.3) Place of performance
NUTS code:
UKL
II.2.4) Description of the procurement
The Supplier must have capability to assess a range of Customers systems and services including:
Network Penetration Test, Network Vulnerability Assessment, Web Application Security Assessment,
Mobile Device Security Assessment, Wireless Security Assessment, Remote Working Assessment.
The Supplier must be identified as an Approved and Certified TIGER Supplier.
Further details can be found in the tender documentation.
II.2.5) Award criteria
Quality criterion: Technical
/ Weighting: 60%
Cost criterion: Commercial
/ Weighting: 40%
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
II.2.14) Additional information
A Maximum of 5 Suppliers will be awarded to this Lot.
Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.
Lot No: 3
II.2.1) Title
Lot 3: CREST Certified Professional Scheme IT Health Checks
II.2.2) Additional CPV code(s)
72000000
72130000
72150000
72220000
72221000
72222000
72222200
72222100
72222300
72223000
72224200
72225000
72810000
72820000
II.2.3) Place of performance
NUTS code:
UKL
II.2.4) Description of the procurement
The Supplier must have capability to assess a range of Customers systems and services including:
Network Penetration Test, Network Vulnerability Assessment, Web Application Security Assessment,
Mobile Device Security Assessment, Wireless Security Assessment, Remote Working Assessment.
The Supplier must be identified as an Approved and Certified CREST Supplier.
Further details can be found in the tender documentation.
II.2.5) Award criteria
Quality criterion: Technical
/ Weighting: 60%
Cost criterion: Commercial
/ Weighting: 40%
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
II.2.14) Additional information
A Maximum of 5 Suppliers will be awarded to this Lot.
Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.
Lot No: 4
II.2.1) Title
Lot 4: CESG Certified Professional Scheme Security Assurance (other than Penetration testing)
II.2.2) Additional CPV code(s)
72000000
72130000
72150000
72221000
72222000
72222200
72222300
72223000
72224200
72225000
72222100
72220000
72810000
72820000
II.2.3) Place of performance
NUTS code:
UKL
II.2.4) Description of the procurement
The objective of this Lot is to provide Customers with access to CESG Certified professional Scheme Information Assurance (IA) professionals to provide guidance that is consistent with the latest CESG protocols.
The criticality of the security advice is dependent on the expertise and knowledge of the Supplier’s staff is such that;
- the company and nominated individuals must be listed by a CESG accreditation body.
- at least one member of the Company's staff must demonstrate that they meet the criteria to be assessed as a Senior/Lead Practitioner in the required discipline.
- all other non-assessed members of the team will be required to be associate CESG members.
II.2.5) Award criteria
Quality criterion: Technical
/ Weighting: 60%
Cost criterion: Commercial
/ Weighting: 40%
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
II.2.14) Additional information
A Maximum of 6 Suppliers will be awarded to this Lot.
Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.
Lot No: 5
II.2.1) Title
Lot 5: Payment Card Industry Approved Scanning Vendors
II.2.2) Additional CPV code(s)
72000000
72130000
72150000
72221000
72222000
72222100
72222200
72222300
72223000
72224200
72225000
72200000
72810000
72820000
II.2.3) Place of performance
NUTS code:
UKL
II.2.4) Description of the procurement
The Supplier must have capability to validate adherence to Data Security Standards by performing vulnerability scans of the external facing environments of customers’ networks.
The Supplier must be identified as an Approved Scanning Vendor (ASV) by the Payment Card Industry Security Standards Council.
The test team must have sufficient experience to undertake the Service and comprise the necessary mix of expertise for the component technologies of the Customer systems.
II.2.5) Award criteria
Quality criterion: Technical
/ Weighting: 60%
Cost criterion: Commercial
/ Weighting: 40%
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
II.2.14) Additional information
A Maximum of 3 Suppliers will be awarded to this Lot.
Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.
Lot No: 6
II.2.1) Title
Lot 6: Payment Card Industry Security Standards Council accredited - Qualified Security Assessor
II.2.2) Additional CPV code(s)
72000000
72130000
72150000
72220000
72221000
72222000
72222100
72222200
72222300
72224200
72225000
72223000
72810000
72820000
II.2.3) Place of performance
NUTS code:
UKL
II.2.4) Description of the procurement
The objective of the Qualified Security Assessor (QSA) LOT is to provide Customer with access to Payment Card Industry Security Standards Council accredited professionals to provide guidance and validate an organisation’s adherence to the Payment Card Industry Data Security Standards (PCI DSS).
Security Assessors must have current certification issued by PCI Security Standards Council and be employees of a Qualified Security Assessor (QSA) company qualified by PCI Security Standards Council.
II.2.5) Award criteria
Quality criterion: Technical
/ Weighting: 60%
Cost criterion: Commercial
/ Weighting: 40%
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
II.2.14) Additional information
A Maximum of 6 Suppliers will be awarded to this Lot.
Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.
Lot No: 7
II.2.1) Title
Lot 7: Cyber Essentials
II.2.2) Additional CPV code(s)
72000000
72130000
72150000
72220000
72221000
72222000
72222100
72222200
72222300
72223000
72224200
72225000
72810000
72820000
II.2.3) Place of performance
NUTS code:
UKL
II.2.4) Description of the procurement
The objective of the LOT is to provide Customers with access to Cyber Essential certifiers to provide guidance and validate an organisation’s adherence to Cyber Essentials and Cyber Essentials Plus requirements.
Assessors must have current certification issued by a CESG approved Accreditation Body.
II.2.5) Award criteria
Quality criterion: Technical
/ Weighting: 60%
Cost criterion: Commercial
/ Weighting: 40%
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
II.2.14) Additional information
A Maximum of 6 Suppliers will be awarded to this Lot.
Customers are able to vary the award weightings at the call-off stage. Please refer to the ITT for details.
Section IV: Procedure
IV.1) Description
IV.1.1) Type of procedure
Open procedure
IV.1.8) Information about Government Procurement Agreement (GPA)
The procurement is covered by the Government Procurement Agreement:
Yes
IV.2) Administrative information
IV.2.1) Previous publication concerning this procedure
Notice number in the OJ S:
2014/S 167-297928
Section V: Award of contract
Lot No: 1
Contract No: NPS–ICT–0052–16
Title: Lot 1: CESG CHECK accredited IT Health Checks
A contract/lot is awarded:
No
V.1 Information on non-award
The contract/lot is not awarded
Other reasons (discontinuation of procedure)
Section V: Award of contract
Lot No: 2
Contract No: NPS–ICT–0052–16
Title: Lot 2: TIGER Certified Professional Scheme IT Health Checks
A contract/lot is awarded:
No
V.1 Information on non-award
The contract/lot is not awarded
Other reasons (discontinuation of procedure)
Section V: Award of contract
Lot No: 3
Contract No: NPS–ICT–0052–16
Title: Lot 3: CREST Certified Professional Scheme IT Health Checks
A contract/lot is awarded:
No
V.1 Information on non-award
The contract/lot is not awarded
Other reasons (discontinuation of procedure)
Section V: Award of contract
Lot No: 4
Contract No: NPS–ICT–0052–16
Title: Lot 4: CESG Certified Professional Scheme Security Assurance (other than Penetration testing)
A contract/lot is awarded:
No
V.1 Information on non-award
The contract/lot is not awarded
Other reasons (discontinuation of procedure)
Section V: Award of contract
Lot No: 5
Contract No: NPS–ICT–0052–16
Title: Lot 5: Payment Card Industry Approved Scanning Vendors
A contract/lot is awarded:
No
V.1 Information on non-award
The contract/lot is not awarded
Other reasons (discontinuation of procedure)
Section V: Award of contract
Lot No: 6
Contract No: NPS–ICT–0052–16
Title: Lot 6: Payment Card Industry Security Standards Council accredited - Qualified Security Assessor
A contract/lot is awarded:
No
V.1 Information on non-award
The contract/lot is not awarded
Other reasons (discontinuation of procedure)
Section V: Award of contract
Lot No: 7
Contract No: NPS–ICT–0052–16
Title: Lot 7: Cyber Essentials
A contract/lot is awarded:
No
V.1 Information on non-award
The contract/lot is not awarded
Other reasons (discontinuation of procedure)
Section VI: Complementary information
VI.3) Additional information
(WA Ref:45995)
VI.4) Procedures for review
VI.4.1) Review body
National Procurement Service (Welsh Government)
T’yr Afon, Bedwas Road
Caerphilly
CF83 8WT
UK
Telephone: +44 3007900170
Internet address(es)
URL: http://npswales.gov.uk
VI.5) Date of dispatch of this notice
18/05/2016