Award

SIA 929 - Autopilot and Configuration Service

SECURITY INDUSTRY AUTHORITY

This public procurement record has 1 release in its history.

Award

30 Apr 2026 at 13:48

Award Notice
Summary of the contracting process

The Security Industry Authority, based in London, has recently completed a tender titled "SIA 929 - Autopilot and Configuration Service" in the software package and information systems industry. This procurement, conducted through a selective method as a call-off from a framework agreement, focuses on delivering a Microsoft Autopilot user-driven implementation. The implementation must adhere to specific technical and customer requirements, including aligning security with the National Cyber Security Center (NCSC) Device Security framework, managing Windows devices, and enhancing device security features. Key dates of this process include the tender period closing on 30th September 2025 and the contract period running from 1st November 2025 to 30th October 2026. The award was made to Phoenix Software Limited, confirming their role as the supplier with a contract value of £16,500.

This tender offers significant business growth opportunities for companies specialising in IT services, particularly those adept at Microsoft configuration and cybersecurity solutions. Businesses with expertise in aligning IT systems with national security frameworks and deploying device management solutions would be well-suited to engage in such projects. Companies that can provide scalable and integrative IT solutions tailored to regulatory standards have the potential to leverage this experience for further expansion in similar sectors and partnerships. The engagement of Phoenix Software Limited hints at the scale and capability required to successfully capture such opportunities.

Find more tenders on our Open Data Platform.
How relevant is this notice?

Notice Information

Notice Title

SIA 929 - Autopilot and Configuration Service

Notice Description

We require professional services to deliver a Microsoft Autopilot user driven implementation within our tenancy to an agreed specification which has been outlined within the following section Autopilot Implementation Customer Requirements The solution must utilise Windows Autopilot for Microsoft Entra joined devices for provisioning and enrolment of new Windows devices to Microsoft Intune. The solution must align Windows 11 device security to the National Cyber Security Center (NCSC) Device Security framework where applicable. The solution must use Win32 application deployment for EXE and MSI installs. Existing line-of-business application deployment must be reviewed and aligned with recommendations for application deployment, managing a list of applications centrally using the Microsoft Company Portal app. The solution must support Windows Autopilot devices connecting to the existing Azure User Tunnel. The solution must centrally manage Windows Defender Antivirus and Firewall settings. The solution must automatically assign a primary user to devices when enrolling to Microsoft Intune. The solution must use Compliance policies to evaluate device health for key security settings such as device encryption, operating system version, and antivirus protection. The solution should remove reliance on PowerShell scripts for security settings and application management. The solution must allow access to on-premises network shares and network printers Microsoft Entra joined devices when connect to the Azure VPN. The solution should provide a means to deploy printer drivers and print queues to Microsoft Entra joined devices. The existing BitLocker Encryption policies should be reviewed and migrated to Endpoint security-backed policies. Autopilot Implementation Technical Requirements The solution must configure Windows Autopilot profiles to use User-Driven mode for Microsoft Entra joined devices. The solution must enable and configure Windows LAPS in Microsoft Entra ID to support managing and rotating local administrator passwords on devices. The solution must use BitLocker settings in Microsoft Intune to silently encrypt Windows Autopilot devices and escrow keys to Microsoft Entra ID. The solution must configure Compliance policies and actions for non-compliance rules based upon agreed configuration and requirements for access. The solution must enable Windows Hello for Business (WHfB) for Windows Autopilot devices to replace username and passwords with Biometrics or a PIN. The solution must introduce Cloud Kerberos trust to support WHfB credentials being used to access on-premises services e.g., file shares. The solution must provide users with the ability to select a wireless network at the login screen. The solution must deploy a set of core applications via Microsoft Intune prior to users being able to access the desktop. Windows devices could receive CIS benchmark configuration, for areas not covered by NCSC Device Security.

Notice Details

Publication & Lifecycle

Open Contracting ID
ocds-b5fd17-a9c10c17-5ac3-4bb9-b6b7-a994746892cb
Publication Source
Contracts Finder
Latest Notice
https://www.contractsfinder.service.gov.uk/Notice/4e404298-ac5f-4d75-9e78-824f23425c3d
Current Stage
Award
All Stages
Award

Procurement Classification

Notice Type
Award Notice
Procurement Type
Framework
Procurement Category
Goods
Procurement Method
Selective
Procurement Method Details
Call-off from a framework agreement
Tender Suitability
Not specified
Awardee Scale
Large

Common Procurement Vocabulary (CPV)

CPV Divisions

48 - Software package and information systems

CPV Codes

48000000 - Software package and information systems

Notice Value(s)

Tender Value
£16,500 Under £100K
Lots Value
Not specified
Awards Value
£16,500 Under £100K
Contracts Value
Not specified

Notice Dates

Publication Date
30 Apr 20262 weeks ago
Submission Deadline
30 Sep 2025Expired
Future Notice Date
Not specified
Award Date
18 Nov 20255 months ago
Contract Period
1 Nov 2025 - 30 Oct 2026 6-12 months
Recurrence
Not specified

Notice Status

Tender Status
Complete
Lots Status
Not Specified
Awards Status
Active
Contracts Status
Not Specified

Buyer & Supplier

Contracting Authority (Buyer)

Main Buyer
SECURITY INDUSTRY AUTHORITY
Contact Name
Available with D3 Tenders Premium →
Contact Email
Available with D3 Tenders Premium →
Contact Phone
Available with D3 Tenders Premium →

Buyer Location

Locality
LONDON
Postcode
E14 1UG
Post Town
East London
Country
England
Major Region (ITL 1)
TLI London
Basic Region (ITL 2)
TLI4 Inner London - East
Small Region (ITL 3)
TLI42 Tower Hamlets
Delivery Location
Not specified
Local Authority
Tower Hamlets
Electoral Ward
Mile End
Westminster Constituency
Poplar and Limehouse

Supplier Information

Number of Suppliers
1
Supplier Name

PHOENIX SOFTWARE

Further Information

Notice Documents

Open Contracting Data Standard (OCDS)

View full OCDS Record for this contracting process

Download

The Open Contracting Data Standard (OCDS) is a framework designed to increase transparency and access to public procurement data in the public sector. It is widely used by governments and organisations worldwide to report on procurement processes and contracts. 

{
    "tag": [
        "compiled"
    ],
    "id": "ocds-b5fd17-a9c10c17-5ac3-4bb9-b6b7-a994746892cb-2026-04-30T14:48:54+01:00",
    "date": "2026-04-30T14:48:54+01:00",
    "ocid": "ocds-b5fd17-a9c10c17-5ac3-4bb9-b6b7-a994746892cb",
    "language": "en",
    "initiationType": "tender",
    "tender": {
        "id": "SIA 929 - Autopilot and Configuration Service",
        "title": "SIA 929 - Autopilot and Configuration Service",
        "description": "We require professional services to deliver a Microsoft Autopilot user driven implementation within our tenancy to an agreed specification which has been outlined within the following section Autopilot Implementation Customer Requirements The solution must utilise Windows Autopilot for Microsoft Entra joined devices for provisioning and enrolment of new Windows devices to Microsoft Intune. The solution must align Windows 11 device security to the National Cyber Security Center (NCSC) Device Security framework where applicable. The solution must use Win32 application deployment for EXE and MSI installs. Existing line-of-business application deployment must be reviewed and aligned with recommendations for application deployment, managing a list of applications centrally using the Microsoft Company Portal app. The solution must support Windows Autopilot devices connecting to the existing Azure User Tunnel. The solution must centrally manage Windows Defender Antivirus and Firewall settings. The solution must automatically assign a primary user to devices when enrolling to Microsoft Intune. The solution must use Compliance policies to evaluate device health for key security settings such as device encryption, operating system version, and antivirus protection. The solution should remove reliance on PowerShell scripts for security settings and application management. The solution must allow access to on-premises network shares and network printers Microsoft Entra joined devices when connect to the Azure VPN. The solution should provide a means to deploy printer drivers and print queues to Microsoft Entra joined devices. The existing BitLocker Encryption policies should be reviewed and migrated to Endpoint security-backed policies. Autopilot Implementation Technical Requirements The solution must configure Windows Autopilot profiles to use User-Driven mode for Microsoft Entra joined devices. The solution must enable and configure Windows LAPS in Microsoft Entra ID to support managing and rotating local administrator passwords on devices. The solution must use BitLocker settings in Microsoft Intune to silently encrypt Windows Autopilot devices and escrow keys to Microsoft Entra ID. The solution must configure Compliance policies and actions for non-compliance rules based upon agreed configuration and requirements for access. The solution must enable Windows Hello for Business (WHfB) for Windows Autopilot devices to replace username and passwords with Biometrics or a PIN. The solution must introduce Cloud Kerberos trust to support WHfB credentials being used to access on-premises services e.g., file shares. The solution must provide users with the ability to select a wireless network at the login screen. The solution must deploy a set of core applications via Microsoft Intune prior to users being able to access the desktop. Windows devices could receive CIS benchmark configuration, for areas not covered by NCSC Device Security.",
        "status": "complete",
        "classification": {
            "scheme": "CPV",
            "id": "48000000",
            "description": "Software package and information systems"
        },
        "items": [
            {
                "id": "1",
                "deliveryAddresses": [
                    {
                        "countryName": "United Kingdom"
                    }
                ]
            }
        ],
        "value": {
            "amount": 16500,
            "currency": "GBP"
        },
        "procurementMethod": "selective",
        "procurementMethodDetails": "Call-off from a framework agreement",
        "tenderPeriod": {
            "endDate": "2025-09-30T12:00:00+01:00"
        },
        "contractPeriod": {
            "startDate": "2025-11-01T00:00:00Z",
            "endDate": "2026-10-30T23:59:59Z"
        },
        "suitability": {
            "sme": false,
            "vcse": false
        },
        "mainProcurementCategory": "goods"
    },
    "parties": [
        {
            "id": "GB-GOR-PB264",
            "name": "Security Industry Authority",
            "identifier": {
                "legalName": "Security Industry Authority",
                "scheme": "GB-GOR",
                "id": "PB264"
            },
            "address": {
                "streetAddress": "PO Box 74957",
                "locality": "LONDON",
                "postalCode": "E141UG",
                "countryName": "England"
            },
            "contactPoint": {
                "name": "Jodie Cox",
                "email": "jodie.cox@sia.gov.uk",
                "telephone": "02070254191"
            },
            "roles": [
                "buyer"
            ]
        },
        {
            "id": "GB-COH-02548628",
            "name": "Phoenix Software Limited",
            "identifier": {
                "legalName": "Phoenix Software Limited",
                "scheme": "GB-COH",
                "id": "02548628"
            },
            "address": {
                "streetAddress": "Blenheim House, York Road, Pocklington, York, YO42 1NS"
            },
            "details": {
                "scale": "large",
                "vcse": false
            },
            "roles": [
                "supplier"
            ]
        }
    ],
    "buyer": {
        "id": "GB-GOR-PB264",
        "name": "Security Industry Authority"
    },
    "awards": [
        {
            "id": "ocds-b5fd17-a9c10c17-5ac3-4bb9-b6b7-a994746892cb-1",
            "status": "active",
            "date": "2025-11-18T00:00:00Z",
            "datePublished": "2026-04-30T14:48:54+01:00",
            "value": {
                "amount": 16500,
                "currency": "GBP"
            },
            "suppliers": [
                {
                    "id": "GB-COH-02548628",
                    "name": "Phoenix Software Limited"
                }
            ],
            "contractPeriod": {
                "startDate": "2025-11-01T00:00:00Z",
                "endDate": "2026-10-30T23:59:59Z"
            },
            "documents": [
                {
                    "id": "1",
                    "documentType": "awardNotice",
                    "description": "Awarded contract notice on Contracts Finder",
                    "url": "https://www.contractsfinder.service.gov.uk/Notice/4e404298-ac5f-4d75-9e78-824f23425c3d",
                    "datePublished": "2026-04-30T14:48:54+01:00",
                    "format": "text/html",
                    "language": "en"
                }
            ]
        }
    ]
}