Notice Information
Notice Title
PENETRATION TESTING SERVICES
Notice Description
As part of the separation from National Grid Group and transformation into NESO under UK Government ownership, NESO are looking to create their own penetration testing framework to ensure that we can provide assurance over the security of our systems and provide a secure service to Great Britain. To achieve this, NESO requires a penetration testing panel of at least three members who can provide in-depth penetration testing services, covering a range of localised testing, such as web-app or infrastructure testing, as well as simulated attack exercises.
Lot Information
Lot 1
NESO require a penetration testing service provider that can: Provide Infrastructure, Web Application, API and Web Application security testing. Provide simulated attack exercising services (Purple/Red Teams). Provide CHECK accredited penetration testers to complete testing. Where necessary, provide penetration testers who have achieved UK Gov Security Clearance Provide highly accurate reporting of vulnerabilities within the in-scope systems. Provide resource for testing with a no longer than 1 month lead time. Provide resource with knowledge and experience of testing on Critical National Infrastructure (CNI) environments, and the risk associated, where applicable to the scope of testing. Additional information: Contract duration Flexible, agile framework contract that can be scaled-up or down based on business requirements. Compliance with the Utilities Contracts Regulations 2016 Initial contract duration 3-year contract, with the possibility for 2 one year contract extensions Participation requirements: All suppliers wishing to participate in the tender process must register with Achilles via the UVDB code 2.1.23-Cyber security consulting or services for the event by the 31st January 2025.
Notice Details
Publication & Lifecycle
- Open Contracting ID
- ocds-h6vhtk-04cf69
- Publication Source
- Find A Tender Service
- Latest Notice
- https://www.find-tender.service.gov.uk/Notice/000974-2025
- Current Stage
- Planning
- All Stages
- Planning
Procurement Classification
- Notice Type
- Planning Notice
- Procurement Type
- Standard
- Procurement Category
- Goods
- Procurement Method
- Not Specified
- Procurement Method Details
- Not specified
- Tender Suitability
- Not specified
- Awardee Scale
- Not specified
Common Procurement Vocabulary (CPV)
- CPV Divisions
48 - Software package and information systems
-
- CPV Codes
48200000 - Networking, Internet and intranet software package
48400000 - Business transaction and personal business software package
48500000 - Communication and multimedia software package
Notice Value(s)
- Tender Value
- £750,000 £500K-£1M
- Lots Value
- Not specified
- Awards Value
- Not specified
- Contracts Value
- Not specified
Notice Dates
- Publication Date
- 13 Jan 20251 years ago
- Submission Deadline
- 31 Jan 2025Expired
- Future Notice Date
- 30 Aug 2025Expired
- Award Date
- Not specified
- Contract Period
- Not specified - Not specified
- Recurrence
- Not specified
Notice Status
- Tender Status
- Planned
- Lots Status
- Planned
- Awards Status
- Not Specified
- Contracts Status
- Not Specified
Buyer & Supplier
Contracting Authority (Buyer)
- Main Buyer
- NATIONAL ENERGY SYSTEM OPERATOR LIMITED
- Contact Name
- Steve Birch
- Contact Email
- steve.birch@nationalenergyso.com
- Contact Phone
- Not specified
Buyer Location
- Locality
- WOKINGHAM
- Postcode
- RG41 5BN
- Post Town
- Reading
- Country
- England
-
- Major Region (ITL 1)
- TLJ South East (England)
- Basic Region (ITL 2)
- TLJ1 Berkshire, Buckinghamshire and Oxfordshire
- Small Region (ITL 3)
- TLJ16 Berkshire West
- Delivery Location
- Not specified
-
- Local Authority
- Wokingham
- Electoral Ward
- Winnersh
- Westminster Constituency
- Wokingham
Further Information
Notice URLs
Open Contracting Data Standard (OCDS)
View full OCDS Record for this contracting process
The Open Contracting Data Standard (OCDS) is a framework designed to increase transparency and access to public procurement data in the public sector. It is widely used by governments and organisations worldwide to report on procurement processes and contracts.
{
"tag": [
"compiled"
],
"id": "ocds-h6vhtk-04cf69-2025-01-13T09:30:23Z",
"date": "2025-01-13T09:30:23Z",
"ocid": "ocds-h6vhtk-04cf69",
"description": "This PIN is not a call for competition. NESO is not obliged to respond to any correspondence related to this notice. Direct or indirect canvassing of NESO (or any person connected with it) by any person concerning this notice, or any attempt to procure information outside of the defined process is discouraged and may (in certain circumstances) require the disqualification of the relevant person(s) from participation in any future competitive procurement process. All information provided by NESO in this PIN is at an early stage of development and is not intended by NESO to create any contract or other commitment and is not intended by NESO to be otherwise relied on by any person to any extent. NESO shall have no liability for any losses incurred by any person as a result any such reliance. You must be registered against all Achilles UVDB code: 2.1.23-Cyber security consulting or services.to be invited to the Pre-Qualification Stage, In this PIN all reference to a contract notice should be read as referring to an advertisement on Achilles UVDB and not a find a tender contract notice. You must be registered against all Achilles UVDB codes to be invited to the Pre-Qualification Stage. The required level is UVDB Silver Plus. You can also reach out to Desta Wheeler desta.wheeler@achilles.com who can support any issues with completion of your registration process on Achilles UVDB ahead of the qualification event commencing in April: provided that it is the sole responsibility of each interested supplier to ensure that it is properly registered on Achilles UVDB Silver Plus on time and NESO accepts no responsibility for any failure to register on time regardless of the reasons for that.",
"initiationType": "tender",
"tender": {
"id": "ocds-h6vhtk-04cf69",
"legalBasis": {
"id": "32014L0025",
"scheme": "CELEX"
},
"title": "PENETRATION TESTING SERVICES",
"status": "planned",
"classification": {
"scheme": "CPV",
"id": "48200000",
"description": "Networking, Internet and intranet software package"
},
"mainProcurementCategory": "goods",
"description": "As part of the separation from National Grid Group and transformation into NESO under UK Government ownership, NESO are looking to create their own penetration testing framework to ensure that we can provide assurance over the security of our systems and provide a secure service to Great Britain. To achieve this, NESO requires a penetration testing panel of at least three members who can provide in-depth penetration testing services, covering a range of localised testing, such as web-app or infrastructure testing, as well as simulated attack exercises.",
"value": {
"amount": 750000,
"currency": "GBP"
},
"lots": [
{
"id": "1",
"description": "NESO require a penetration testing service provider that can: Provide Infrastructure, Web Application, API and Web Application security testing. Provide simulated attack exercising services (Purple/Red Teams). Provide CHECK accredited penetration testers to complete testing. Where necessary, provide penetration testers who have achieved UK Gov Security Clearance Provide highly accurate reporting of vulnerabilities within the in-scope systems. Provide resource for testing with a no longer than 1 month lead time. Provide resource with knowledge and experience of testing on Critical National Infrastructure (CNI) environments, and the risk associated, where applicable to the scope of testing. Additional information: Contract duration Flexible, agile framework contract that can be scaled-up or down based on business requirements. Compliance with the Utilities Contracts Regulations 2016 Initial contract duration 3-year contract, with the possibility for 2 one year contract extensions Participation requirements: All suppliers wishing to participate in the tender process must register with Achilles via the UVDB code 2.1.23-Cyber security consulting or services for the event by the 31st January 2025.",
"status": "planned"
}
],
"items": [
{
"id": "1",
"additionalClassifications": [
{
"scheme": "CPV",
"id": "48200000",
"description": "Networking, Internet and intranet software package"
},
{
"scheme": "CPV",
"id": "48400000",
"description": "Business transaction and personal business software package"
},
{
"scheme": "CPV",
"id": "48500000",
"description": "Communication and multimedia software package"
}
],
"deliveryAddresses": [
{
"region": "UK"
}
],
"relatedLot": "1"
}
],
"communication": {
"futureNoticeDate": "2025-08-31T00:00:00+01:00"
},
"tenderPeriod": {
"endDate": "2025-01-31T15:00:00Z"
},
"submissionTerms": {
"languages": [
"en"
]
}
},
"parties": [
{
"id": "GB-FTS-134787",
"name": "NATIONAL ENERGY SYSTEM OPERATOR LIMITED",
"identifier": {
"legalName": "NATIONAL ENERGY SYSTEM OPERATOR LIMITED",
"id": "11014226",
"schemeEntered": "NATIONAL ENERGY SYSTEM OPERATOR"
},
"address": {
"streetAddress": "St. Catherines Lodge",
"locality": "WOKINGHAM",
"region": "UK",
"postalCode": "RG415BN",
"countryName": "United Kingdom"
},
"contactPoint": {
"name": "Steve Birch",
"email": "steve.birch@nationalenergyso.com"
},
"roles": [
"buyer"
],
"details": {
"url": "https://www.neso.energy/about-neso",
"buyerProfile": "https://www.neso.energy/about-neso",
"classifications": [
{
"scheme": "TED_CE_ACTIVITY",
"id": "ELECTRICITY",
"description": "Electricity"
}
]
}
}
],
"buyer": {
"id": "GB-FTS-134787",
"name": "NATIONAL ENERGY SYSTEM OPERATOR LIMITED"
},
"language": "en"
}