Cyber Security as a Service

Concepts

• bristol
• information technology
• planning inspectorate
• cyber security
• specific set of information security services
• suppliers of information security services
• information assets
• criticality
• goals
• infrastructure

Location

Description

Background The Planning Inspectorate is seeking proposals from qualified and experienced suppliers of Information Security services. As an organisation operating in the Public Sector, we recognise the criticality of safeguarding our information assets, protecting our infrastructure, and ensuring the confidentiality, integrity, and availability of our systems and data. To achieve these goals, we require a specific set of Information Security services. Objectives

Award Detail

CPV Codes

• 72000000 - IT services: consulting, software development, Internet and support

Indicators

• Contract is suitable for SMEs.

Other Information

The objectives of this tender are to identify and engage a supplier that can provide the following Information Security services to The Planning Inspectorate: Risk Assessments/Management:  The supplier must be capable of conducting thorough risk assessments across our organization's systems, networks, applications, and processes. This includes identifying vulnerabilities, assessing potential impacts, and recommending risk mitigation measures. The supplier should have expertise in risk management frameworks and be able to provide ongoing support in risk monitoring and mitigation. Security Architect:  We require a supplier with extensive experience in security architecture to assess our existing infrastructure, review designs to ensure robust security controls are appropriately incorporated and provide guidance on the implementation of best practices. The supplier should have a deep understanding of industry standards and frameworks, such as ISO 27001, NIST (National Institute of Standards and Technology), and CIS (Critical Security Controls), and be able to align our security architecture with these standards. Independent IT Health Checks: The supplier must be able to conduct independent IT health checks to evaluate the effectiveness of our security controls and ensure compliance with relevant regulations and standards. This includes reviewing configurations, policies, and procedures, as well as assessing the overall security posture of our IT systems. The supplier should provide detailed reports highlighting vulnerabilities, weaknesses, and recommendations for improvement. Penetration Testing: We require a supplier that can perform comprehensive penetration testing to identify potential weaknesses in our systems and applications. The supplier must possess advanced technical expertise and tools to simulate real-world attacks, attempting to exploit vulnerabilities and gain unauthorised access. They should deliver detailed reports outlining findings, potential impacts, and actionable remediation steps. Security Analyst as a Service: To strengthen our security posture, we require the services of a skilled Security Analyst to support our ongoing security operations on both a periodic and 'as required' basis. Your written proposal and pricing proposal must be submitted to tenders@planninginspectorate.gov.uk no later than Friday 23 June 2023 - 16:00 hours. Written proposals and pricing received after this deadline will not be accepted. Annex B - Written Proposal_.docx Annex A - Price Schedule (1).xlsx Annex C - Social Value - guide on how we will evaluate for bidders and evaluators (2).docx DPS-Schedule-6-Order-Form-Template-and-Order-Schedules-v1.0-1 - tmc3 signed (1)_Redacted.pdf