Cyber Security Penetration Testing Framework

Concepts

• information technology
• centralised suite of operational security services
• cyber security penetration testing framework
• penetration testing co-ordination
• software testing
• systems testing
• computer audit and testing
• computer testing
• penetration testing co
• nmc

Location

Description

The NMC, through the Contracting Authority, currently provides a centralised suite of operational security services to Contracting Bodies (as described in Appendix 3). These services include the following: • Protective Monitoring; • Incident Management; • Threat Intelligence; • Threat Hunting; • Vulnerability Assessment; • Malware Analysis; and • Penetration Testing Co-ordination.

CPV Codes

• 72000000 - IT services: consulting, software development, Internet and support
• 72200000 - Software programming and consultancy services
• 72220000 - Systems and technical consultancy services
• 72223000 - Information technology requirements review services
• 72225000 - System quality assurance assessment and review services
• 72246000 - Systems consultancy services
• 72254000 - Software testing
• 72254100 - Systems testing services
• 72610000 - Computer support services
• 72611000 - Technical computer support services
• 72800000 - Computer audit and testing services
• 72810000 - Computer audit services
• 72820000 - Computer testing services

Indicators

• Contract is suitable for SMEs.
• Contract is suitable for VCOs.

Other Information

This framework is being established to streamline the procurement of Penetration Testing on behalf of UK Policing. The full scope of the Services to be provided by the Framework Suppliers is detailed in the Statement of Requirements (Appendix 1). The NMC services are currently provided in association with British Telecommunications plc, who, in relation to the Penetration Testing Co-ordination, will provide initial support (prior to the engagement of the Framework Supplier), post testing review, remediation and mitigation assistance to Contracting Bodies. Contracting Authorities are required to perform an annual IT Health Check however, may require a higher frequency of Services depending on changes to IT infrastructure or best practice guidance. Given the nature of the Services being procured, Contracting Bodies are expected to enter into multiple Call - Off Contracts and rotate between the selected Framework Suppliers, to ensure that their systems remain robust to the risk of different cyber-attacks. The Framework Agreement is expected to commence in or around October 2021 for a period of 2 years (24 calendar months). Anticipated spend under the Framework Agreement is not expected to exceed £1,000,000. This figure has been calculated on the assumption that the Framework Agreement runs for its maximum possible term and that a number of Call Off Contracts are awarded by Contracting Bodies. For the avoidance of doubt, the Contracting Authority gives no warranty or representation as to the value of any Call Off Contract, or the number of Call Off Contracts, if any, which may be awarded. The Contracting Authority intends to award the Framework Agreement based on the most economically advantageous tender (MEAT). The Contracting Authority will not be bound to accept the lowest price or any Tender submitted, but will be evaluating Tenders on the quality and price criteria set forth in this ITT. The procurement documents will be made available to each bidder upon completion of an NDA. Please contact Krish Khanna at Krish.Khanna@tltsolicitors.com to receive a copy of the NDA. Additional data https://uk.eu-supply.com/app/rfq/rwlentrance_s.asp?PID=38547&B=BLUELIGHT User / Company https://uk.eu-supply.com/ctm/Company/CompanyInformation/Index/94392