Notice Information
Notice Title
Future of Cyber Compliance
Notice Description
Awarded contract to a supplier to undertake a business review of the Cyber Compliance Regulatory and Organisational Requirements
Lot Information
Lot 1
This work aims to examine and deliver a set of options that outline the core minimum capacity and capability needed to provide an effective regulator under NIS for Road, Rail and Maritime. Regulation of aviation under NIS is out of scope of this project. This work will need to: * articulate the duties the regulator will need to fulfill, noting not only the changes under the Cyber Security & Resilience (NIS) Bill, but the potential for changes to designation thresholds that may increase the number of regulated operators or bring future transport sub-sectors into scope. * examine how other cyber regulators operate and are adapting to legislative changes and consider the benefits of enforcement delivered through a range of delivery partners. This may include expanding the remit of other existing regulators to include cyber security as well as delivering some duties through commercial partners (such as audits).
Procurement Information
Undertaken the procurement via an existing Government Commercial Agency Framework
Notice Details
Publication & Lifecycle
- Open Contracting ID
- ocds-h6vhtk-06829b
- Publication Source
- Find A Tender Service
- Latest Notice
- https://www.find-tender.service.gov.uk/Notice/034044-2026
- Current Stage
- Award
- All Stages
- Award
Procurement Classification
- Notice Type
- Award Notice
- Procurement Type
- Standard
- Procurement Category
- Services
- Procurement Method
- Limited
- Procurement Method Details
- Award procedure without prior publication of a call for competition
- Tender Suitability
- Not specified
- Awardee Scale
- Large
Common Procurement Vocabulary (CPV)
- CPV Divisions
79 - Business services: law, marketing, consulting, recruitment, printing and security
-
- CPV Codes
79400000 - Business and management consultancy and related services
Notice Value(s)
- Tender Value
- Not specified
- Lots Value
- Not specified
- Awards Value
- Not specified
- Contracts Value
- £346,000 £100K-£500K
Notice Dates
- Publication Date
- 15 Apr 20261 weeks ago
- Submission Deadline
- Not specified
- Future Notice Date
- Not specified
- Award Date
- 13 Apr 20261 weeks ago
- Contract Period
- Not specified - Not specified
- Recurrence
- Not specified
Notice Status
- Tender Status
- Complete
- Lots Status
- Cancelled
- Awards Status
- Active
- Contracts Status
- Active
Buyer & Supplier
Contracting Authority (Buyer)
- Main Buyer
- DEPARTMENT FOR TRANSPORT
- Contact Name
- Available with D3 Tenders Premium →
- Contact Email
- Available with D3 Tenders Premium →
- Contact Phone
- Available with D3 Tenders Premium →
Buyer Location
- Locality
- LONDON
- Postcode
- SW1P 4DR
- Post Town
- South West London
- Country
- England
-
- Major Region (ITL 1)
- TLI London
- Basic Region (ITL 2)
- TLI3 Inner London - West
- Small Region (ITL 3)
- TLI35 Westminster and City of London
- Delivery Location
- TLI London
-
- Local Authority
- Westminster
- Electoral Ward
- Vincent Square
- Westminster Constituency
- Cities of London and Westminster
Further Information
Notice URLs
Open Contracting Data Standard (OCDS)
View full OCDS Record for this contracting process
The Open Contracting Data Standard (OCDS) is a framework designed to increase transparency and access to public procurement data in the public sector. It is widely used by governments and organisations worldwide to report on procurement processes and contracts.
{
"tag": [
"compiled"
],
"id": "ocds-h6vhtk-06829b-2026-04-15T10:22:54+01:00",
"date": "2026-04-15T10:22:54+01:00",
"ocid": "ocds-h6vhtk-06829b",
"initiationType": "tender",
"tender": {
"id": "ocds-h6vhtk-06829b",
"legalBasis": {
"id": "32014L0024",
"scheme": "CELEX"
},
"title": "Future of Cyber Compliance",
"status": "complete",
"classification": {
"scheme": "CPV",
"id": "79400000",
"description": "Business and management consultancy and related services"
},
"mainProcurementCategory": "services",
"description": "Awarded contract to a supplier to undertake a business review of the Cyber Compliance Regulatory and Organisational Requirements",
"lots": [
{
"id": "1",
"description": "This work aims to examine and deliver a set of options that outline the core minimum capacity and capability needed to provide an effective regulator under NIS for Road, Rail and Maritime. Regulation of aviation under NIS is out of scope of this project. This work will need to: * articulate the duties the regulator will need to fulfill, noting not only the changes under the Cyber Security & Resilience (NIS) Bill, but the potential for changes to designation thresholds that may increase the number of regulated operators or bring future transport sub-sectors into scope. * examine how other cyber regulators operate and are adapting to legislative changes and consider the benefits of enforcement delivered through a range of delivery partners. This may include expanding the remit of other existing regulators to include cyber security as well as delivering some duties through commercial partners (such as audits).",
"awardCriteria": {
"criteria": [
{
"name": "Experience",
"type": "quality",
"description": "25"
},
{
"name": "Solutions Methodology",
"type": "quality",
"description": "25"
},
{
"name": "Contract Management",
"type": "quality",
"description": "10"
},
{
"name": "Social Value",
"type": "quality",
"description": "10"
},
{
"name": "Price",
"type": "quality",
"description": "30"
},
{
"type": "price",
"description": "70/30"
}
]
},
"hasOptions": false,
"status": "cancelled"
}
],
"items": [
{
"id": "1",
"deliveryAddresses": [
{
"region": "UKI"
}
],
"relatedLot": "1"
}
],
"procurementMethod": "limited",
"procurementMethodDetails": "Award procedure without prior publication of a call for competition",
"coveredBy": [
"GPA"
],
"procurementMethodRationaleClassifications": [
{
"id": "D_OUTSIDE_SCOPE",
"scheme": "TED_PT_AWARD_CONTRACT_WITHOUT_CALL",
"description": "The procurement falls outside the scope of application of the directive"
}
],
"procurementMethodRationale": "Undertaken the procurement via an existing Government Commercial Agency Framework"
},
"awards": [
{
"id": "034044-2026-TRAI3012-1",
"relatedLots": [
"1"
],
"title": "Future of Cyber Compliance",
"status": "active",
"suppliers": [
{
"id": "GB-FTS-12108",
"name": "KPMG LLP"
}
]
}
],
"parties": [
{
"id": "GB-FTS-38071",
"name": "Department for Transport",
"identifier": {
"legalName": "Department for Transport"
},
"address": {
"locality": "London",
"region": "UKI",
"postalCode": "SW1P 4DR",
"countryName": "United Kingdom"
},
"contactPoint": {
"email": "dftc.procurement@dft.gov.uk"
},
"roles": [
"buyer",
"centralPurchasingBody"
],
"details": {
"url": "http://www.dft.gov.uk",
"classifications": [
{
"id": "BODY_PUBLIC",
"scheme": "TED_CA_TYPE",
"description": "Body governed by public law"
},
{
"id": "04",
"scheme": "COFOG",
"description": "Economic affairs"
}
]
}
},
{
"id": "GB-FTS-12108",
"name": "KPMG LLP",
"identifier": {
"legalName": "KPMG LLP"
},
"address": {
"locality": "London",
"region": "UKI",
"countryName": "United Kingdom"
},
"roles": [
"supplier"
],
"details": {
"scale": "large"
}
},
{
"id": "GB-FTS-569",
"name": "Cabinet Office",
"identifier": {
"legalName": "Cabinet Office"
},
"address": {
"locality": "London",
"countryName": "United Kingdom"
},
"roles": [
"reviewBody"
]
}
],
"buyer": {
"id": "GB-FTS-38071",
"name": "Department for Transport"
},
"contracts": [
{
"id": "034044-2026-TRAI3012-1",
"awardID": "034044-2026-TRAI3012-1",
"title": "Future of Cyber Compliance",
"status": "active",
"value": {
"amount": 346000,
"currency": "GBP"
},
"dateSigned": "2026-04-14T00:00:00+01:00"
}
],
"bids": {
"statistics": [
{
"id": "1",
"measure": "bids",
"relatedLot": "1",
"value": 8
}
]
},
"language": "en"
}