Planning

A SAP Governance, Risk and Compliance (GRC) Solution Reference number: WA02642

SELLAFIELD

This public procurement record has 1 release in its history.

Planning

18 Feb 2021 at 08:05

Market Engagement Notice
Summary of the contracting process

The procurement process pertains to Sellafield, which is seeking a SAP Governance, Risk and Compliance (GRC) Solution under reference number WA02642. This is classified under the software package and information systems industry and is currently at the planning stage. Interested parties should note that the engagement end date is set for 3rd March 2021. The procurement is focused on enhancing compliance and risk management within Sellafield’s SAP ERP system and involves a tendering process.

This tender presents a significant opportunity for businesses involved in software programming, consultancy services, and specifically those with expertise in governance, risk management, and compliance solutions. Companies capable of providing robust GRC technology and support will be particularly well-suited to compete. As Sellafield aims to automate and streamline their compliance processes, firms that can demonstrate innovative solutions and a strong understanding of regulatory frameworks, such as GDPR, may find this an advantageous market to enter.

Find more tenders on our Open Data Platform.
How relevant is this notice?

D3 Tenders Premium

Win More Public Sector Contracts

AI-powered tender discovery, pipeline management, and market intelligence — everything you need to grow your public sector business.

Start Free Trial Book a Demo
All Features Pricing

Notice Information

Notice Title

A SAP Governance, Risk and Compliance (GRC) Solution Reference number: WA02642

Notice Description

The scope of this requirement is for a GRC (governance, risk management and compliance) solution for SAP ERP System to help manage compliance and remove/mitigate risks on an ongoing basis. The current process for SAP User Access management, Human Capital Management (HCM) and non-HCM Segregation of Duties (SoD), Emergency Access Management and Role Management are manual paper-based processes managed by BUC's (Business User Controllers) and the SAP Competency Centre. Checking for compliance and segregation of duties is very limited and the business does not have the skills to maintain the matrices at this level on a manual basis due to the complexity of SAP Authorisations. Additional information: BACKGROUND - LANDSCAPE Sellafield has been nearly 80 years in the making. A pioneer for the UK's nuclear industry, it supported national defence, generated electricity for nearly half a century, and developed the ability to safely manage nuclear waste. Each chapter of Sellafield's history delivered great benefit for the country while creating a complex nuclear clean-up challenge for which there are no blueprints. Today, Sellafield covers 6 square kilometres and is home to more than 200 nuclear facilities and the largest inventory of untreated nuclear waste in the world. From cleaning-up the country's highest nuclear risks and hazards to safeguarding nuclear fuel, materials and waste, our mission is nationally important. Our purpose is to keep Sellafield safe and secure, cleaning-up the site to a defined end state. The purpose of this PIN is to understand the capability and capacity of the SAP GRC market. This information will then be used to help determine Sellafield's overall approach and any future acquisition strategy in relation to SAP GRC. Interested parties are requested to provide information on how your Company could provide part or all of the technology required. The tool will enable Sellafield to: - manage regulations and compliance and remove or mitigate any risk in managing key operations. - develop an integrated and centralised approach to GRC which makes the most of automations to ensure that the cost of managing a GRC solution is reduced whilst significantly improving operational effectiveness and value. - demonstrate resilience in managing overall governance, risk management and compliance with regulations, for example, GDPR. Interested parties should refer to the Addition Information section VI.3) in this notice which details the response requirements of this PIN. The priority areas are: * Access Request Management * Segregation of Duties * User Access Reviews * User Behaviour Profiling * Role Management * Emergency Access * Licence Optimisation/Compliance * GDPR Compliance * Audit Compliance * Monitoring/Analytics * Future proofing for S/4 HANA for role migration/testing

Notice Details

Publication & Lifecycle

Open Contracting ID
ocds-b5fd17-59d2f0a3-7f1a-45c4-8ff5-2e17687f388c
Publication Source
Contracts Finder
Latest Notice
https://www.contractsfinder.service.gov.uk/Notice/57828c6a-65e5-4cd2-ba3b-be6716817742
Current Stage
Planning
All Stages
Planning

Procurement Classification

Notice Type
Market Engagement Notice
Procurement Type
Standard
Procurement Category
Not specified
Procurement Method
Not Specified
Procurement Method Details
Not specified
Tender Suitability
Not specified
Awardee Scale
Not specified

Common Procurement Vocabulary (CPV)

CPV Divisions

48 - Software package and information systems

72 - IT services: consulting, software development, Internet and support

CPV Codes

48000000 - Software package and information systems

72200000 - Software programming and consultancy services

Notice Value(s)

Tender Value
Not specified
Lots Value
Not specified
Awards Value
Not specified
Contracts Value
Not specified

Notice Dates

Publication Date
18 Feb 20215 years ago
Submission Deadline
Not specified
Future Notice Date
3 Mar 2021Expired
Award Date
Not specified
Contract Period
Not specified - Not specified
Recurrence
Not specified

Notice Status

Tender Status
Planning
Lots Status
Not Specified
Awards Status
Not Specified
Contracts Status
Not Specified

Buyer & Supplier

Contracting Authority (Buyer)

Main Buyer
SELLAFIELD
Contact Name
Available with D3 Tenders Premium →
Contact Email
Available with D3 Tenders Premium →
Contact Phone
Available with D3 Tenders Premium →

Buyer Location

Locality
SEASCALE
Postcode
CA20 1PG
Post Town
Carlisle
Country
England
Major Region (ITL 1)
TLD North West (England)
Basic Region (ITL 2)
TLD1 Cumbria
Small Region (ITL 3)
TLD13 Cumberland
Delivery Location
TLD North West (England)
Local Authority
Cumberland
Electoral Ward
Gosforth
Westminster Constituency
Whitehaven and Workington

Further Information

Notice Documents

Open Contracting Data Standard (OCDS)

View full OCDS Record for this contracting process

Download

The Open Contracting Data Standard (OCDS) is a framework designed to increase transparency and access to public procurement data in the public sector. It is widely used by governments and organisations worldwide to report on procurement processes and contracts. 

{
    "tag": [
        "compiled"
    ],
    "id": "ocds-b5fd17-59d2f0a3-7f1a-45c4-8ff5-2e17687f388c-2021-02-18T08:05:05Z",
    "date": "2021-02-18T08:05:05Z",
    "ocid": "ocds-b5fd17-59d2f0a3-7f1a-45c4-8ff5-2e17687f388c",
    "language": "en",
    "initiationType": "tender",
    "title": "A SAP Governance, Risk and Compliance (GRC) Solution Reference number: WA02642",
    "planning": {
        "milestones": [
            {
                "id": "1",
                "title": "Engagement end date",
                "type": "engagement",
                "dueDate": "2021-03-03T23:59:59Z"
            }
        ],
        "documents": [
            {
                "id": "1",
                "documentType": "marketEngagementNotice",
                "description": "Early engagement notice on Contracts Finder",
                "url": "https://www.contractsfinder.service.gov.uk/Notice/57828c6a-65e5-4cd2-ba3b-be6716817742",
                "datePublished": "2021-02-18T08:05:05Z",
                "format": "text/html",
                "language": "en"
            }
        ]
    },
    "tender": {
        "id": "CTM RFT 12965",
        "title": "A SAP Governance, Risk and Compliance (GRC) Solution Reference number: WA02642",
        "description": "The scope of this requirement is for a GRC (governance, risk management and compliance) solution for SAP ERP System to help manage compliance and remove/mitigate risks on an ongoing basis. The current process for SAP User Access management, Human Capital Management (HCM) and non-HCM Segregation of Duties (SoD), Emergency Access Management and Role Management are manual paper-based processes managed by BUC's (Business User Controllers) and the SAP Competency Centre. Checking for compliance and segregation of duties is very limited and the business does not have the skills to maintain the matrices at this level on a manual basis due to the complexity of SAP Authorisations. Additional information: BACKGROUND - LANDSCAPE Sellafield has been nearly 80 years in the making. A pioneer for the UK's nuclear industry, it supported national defence, generated electricity for nearly half a century, and developed the ability to safely manage nuclear waste. Each chapter of Sellafield's history delivered great benefit for the country while creating a complex nuclear clean-up challenge for which there are no blueprints. Today, Sellafield covers 6 square kilometres and is home to more than 200 nuclear facilities and the largest inventory of untreated nuclear waste in the world. From cleaning-up the country's highest nuclear risks and hazards to safeguarding nuclear fuel, materials and waste, our mission is nationally important. Our purpose is to keep Sellafield safe and secure, cleaning-up the site to a defined end state. The purpose of this PIN is to understand the capability and capacity of the SAP GRC market. This information will then be used to help determine Sellafield's overall approach and any future acquisition strategy in relation to SAP GRC. Interested parties are requested to provide information on how your Company could provide part or all of the technology required. The tool will enable Sellafield to: - manage regulations and compliance and remove or mitigate any risk in managing key operations. - develop an integrated and centralised approach to GRC which makes the most of automations to ensure that the cost of managing a GRC solution is reduced whilst significantly improving operational effectiveness and value. - demonstrate resilience in managing overall governance, risk management and compliance with regulations, for example, GDPR. Interested parties should refer to the Addition Information section VI.3) in this notice which details the response requirements of this PIN. The priority areas are: * Access Request Management * Segregation of Duties * User Access Reviews * User Behaviour Profiling * Role Management * Emergency Access * Licence Optimisation/Compliance * GDPR Compliance * Audit Compliance * Monitoring/Analytics * Future proofing for S/4 HANA for role migration/testing",
        "status": "planning",
        "classification": {
            "scheme": "CPV",
            "id": "48000000",
            "description": "Software package and information systems"
        },
        "additionalClassifications": [
            {
                "scheme": "CPV",
                "id": "72200000",
                "description": "Software programming and consultancy services"
            }
        ],
        "items": [
            {
                "id": "1",
                "deliveryAddresses": [
                    {
                        "region": "North West",
                        "countryName": "United Kingdom"
                    }
                ]
            }
        ],
        "suitability": {
            "sme": false,
            "vcse": false
        }
    },
    "parties": [
        {
            "id": "GB-SRS-sid4gov.cabinetoffice.gov.uk/V46d8W3T",
            "name": "Sellafield",
            "identifier": {
                "legalName": "Sellafield",
                "scheme": "GB-SRS",
                "id": "sid4gov.cabinetoffice.gov.uk/V46d8W3T"
            },
            "address": {
                "streetAddress": "CTM Portal for the NDA Shared Services Alliance",
                "locality": "Seascale",
                "postalCode": "CA20 1PG",
                "countryName": "England"
            },
            "contactPoint": {
                "name": "Charlotte Inglesfield",
                "email": "charlotte.inglesfield@sellafieldsites.com",
                "telephone": "+44 1946777868"
            },
            "details": {
                "url": "https://www.gov.uk/government/case-studies/shared-services-alliance-ssa-for-nuclear-decommissioning-estate"
            },
            "roles": [
                "buyer"
            ]
        }
    ],
    "buyer": {
        "id": "GB-SRS-sid4gov.cabinetoffice.gov.uk/V46d8W3T",
        "name": "Sellafield"
    }
}