Notice Information
Notice Title
Cyber Penetration Testing Services
Notice Description
Scope of Work The selected vendor will be responsible for performing the following scope of work: a. Bi-annual (March & November) testing on the following: i. Website Penetration Testing of 2 Websites: - Conduct a thorough assessment of our website's security vulnerabilities. - Identify and exploit potential weaknesses in web applications. - Evaluate the website's resilience against common attack vectors. - Provide recommendations for remediation based on the findings. ii. External Network Penetration Testing: - Assess the security of our external network infrastructure. - Identify and exploit potential vulnerabilities in network devices. - Evaluate the effectiveness of firewall configurations. - Test for unauthorized access to sensitive data. - Provide recommendations for improving network security. iii. Web Application Services Penetration Testing of 2 Services: - Evaluate the security of web application services used by our organization. - Identify potential security flaws in these services. - Test for data leakage and unauthorized access. - Provide recommendations for enhancing the security of third-party integrations.
Lot Information
Lot 1
Scope of Work The selected vendor will be responsible for performing the following scope of work: a. Bi-annual (March & November) testing on the following: i. Website Penetration Testing of 2 Websites: - Conduct a thorough assessment of our website's security vulnerabilities. - Identify and exploit potential weaknesses in web applications. - Evaluate the website's resilience against common attack vectors. - Provide recommendations for remediation based on the findings. ii. External Network Penetration Testing: - Assess the security of our external network infrastructure. - Identify and exploit potential vulnerabilities in network devices. - Evaluate the effectiveness of firewall configurations. - Test for unauthorized access to sensitive data. - Provide recommendations for improving network security. iii. Web Application Services Penetration Testing of 2 Services: - Evaluate the security of web application services used by our organization. - Identify potential security flaws in these services. - Test for data leakage and unauthorized access. - Provide recommendations for enhancing the security of third-party integrations.
Renewal: 3 years + 1 + 1
Notice Details
Publication & Lifecycle
- Open Contracting ID
- ocds-r6ebe6-0000750053
- Publication Source
- Public Contracts Scotland
- Latest Notice
- https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=FEB498884
- Current Stage
- Award
- All Stages
- Tender, Award
Procurement Classification
- Notice Type
- PCS Notice - Website Contract Award Notice
- Procurement Type
- Standard
- Procurement Category
- Services
- Procurement Method
- Open
- Procurement Method Details
- Open procedure
- Tender Suitability
- Not specified
- Awardee Scale
- SME
Common Procurement Vocabulary (CPV)
- CPV Divisions
72 - IT services: consulting, software development, Internet and support
-
- CPV Codes
72222300 - Information technology services
Notice Value(s)
- Tender Value
- £90,000 Under £100K
- Lots Value
- Not specified
- Awards Value
- Not specified
- Contracts Value
- £25,650 Under £100K
Notice Dates
- Publication Date
- 16 Feb 20242 years ago
- Submission Deadline
- 1 Dec 2023Expired
- Future Notice Date
- Not specified
- Award Date
- 15 Feb 20242 years ago
- Contract Period
- 8 Jan 2024 - 7 Jan 2027 3-4 years
- Recurrence
- Not specified
Notice Status
- Tender Status
- Complete
- Lots Status
- Complete
- Awards Status
- Not Specified
- Contracts Status
- Active
Buyer & Supplier
Contracting Authority (Buyer)
- Main Buyer
- CLYDE VALLEY HOUSING ASSOCIATION LIMITED
- Contact Name
- Not specified
- Contact Email
- cvha@cvha.org.uk
- Contact Phone
- +44 1698268855
Buyer Location
- Locality
- MOTHERWELL
- Postcode
- ML1 1PN
- Post Town
- Motherwell
- Country
- Scotland
-
- Major Region (ITL 1)
- TLM Scotland
- Basic Region (ITL 2)
- TLM3 West Central Scotland
- Small Region (ITL 3)
- TLM34 North Lanarkshire
- Delivery Location
- TLM84 North Lanarkshire
-
- Local Authority
- North Lanarkshire
- Electoral Ward
- Motherwell North
- Westminster Constituency
- Motherwell, Wishaw and Carluke
Further Information
Notice Documents
-
https://www.publiccontractsscotland.gov.uk/NoticeDownload/DownloadDocument.aspx?id=NOV492395&idx=1
10th November 2023 - ITT - Cyber Penetration Testing -
https://www.publiccontractsscotland.gov.uk/NoticeDownload/DownloadDocument.aspx?id=NOV492395&idx=2
10th November 2023 - SPD - Cyber Penetration Testing -
https://www.publiccontractsscotland.gov.uk/NoticeDownload/DownloadDocument.aspx?id=NOV492395&idx=3
10th November 2023 - Pricing -
https://www.publiccontractsscotland.gov.uk/NoticeDownload/DownloadDocument.aspx?id=NOV492395&idx=4
10th November 2023 - Terms and conditions -
https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=NOV492395
Cyber Penetration Testing Services - Scope of Work The selected vendor will be responsible for performing the following scope of work: a. Bi-annual (March & November) testing on the following: i. Website Penetration Testing of 2 Websites: - Conduct a thorough assessment of our website's security vulnerabilities. - Identify and exploit potential weaknesses in web applications. - Evaluate the website's resilience against common attack vectors. - Provide recommendations for remediation based on the findings. ii. External Network Penetration Testing: - Assess the security of our external network infrastructure. - Identify and exploit potential vulnerabilities in network devices. - Evaluate the effectiveness of firewall configurations. - Test for unauthorized access to sensitive data. - Provide recommendations for improving network security. iii. Web Application Services Penetration Testing of 2 Services: - Evaluate the security of web application services used by our organization. - Identify potential security flaws in these services. - Test for data leakage and unauthorized access. - Provide recommendations for enhancing the security of third-party integrations. -
https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=FEB498884
Cyber Penetration Testing Services - Scope of Work The selected vendor will be responsible for performing the following scope of work: a. Bi-annual (March & November) testing on the following: i. Website Penetration Testing of 2 Websites: - Conduct a thorough assessment of our website's security vulnerabilities. - Identify and exploit potential weaknesses in web applications. - Evaluate the website's resilience against common attack vectors. - Provide recommendations for remediation based on the findings. ii. External Network Penetration Testing: - Assess the security of our external network infrastructure. - Identify and exploit potential vulnerabilities in network devices. - Evaluate the effectiveness of firewall configurations. - Test for unauthorized access to sensitive data. - Provide recommendations for improving network security. iii. Web Application Services Penetration Testing of 2 Services: - Evaluate the security of web application services used by our organization. - Identify potential security flaws in these services. - Test for data leakage and unauthorized access. - Provide recommendations for enhancing the security of third-party integrations.
Open Contracting Data Standard (OCDS)
View full OCDS Record for this contracting process
The Open Contracting Data Standard (OCDS) is a framework designed to increase transparency and access to public procurement data in the public sector. It is widely used by governments and organisations worldwide to report on procurement processes and contracts.
{
"tag": [
"compiled"
],
"id": "ocds-r6ebe6-0000750053-2024-02-16T00:00:00Z",
"date": "2024-02-16T00:00:00Z",
"ocid": "ocds-r6ebe6-0000750053",
"initiationType": "tender",
"parties": [
{
"id": "org-139",
"name": "Clyde Valley Housing Association Limited",
"identifier": {
"legalName": "Clyde Valley Housing Association Limited"
},
"address": {
"streetAddress": "50 Scott Street",
"locality": "Motherwell",
"region": "UK",
"postalCode": "ML1 1PN"
},
"contactPoint": {
"email": "cvha@cvha.org.uk",
"telephone": "+44 1698268855",
"faxNumber": "+44 1698268855",
"url": "https://www.publiccontractsscotland.gov.uk/"
},
"roles": [
"buyer",
"centralPurchasingBody"
],
"details": {
"classifications": [
{
"id": "Housing Association",
"scheme": "TED_CA_TYPE"
},
{
"id": "06",
"description": "Housing and community amenities",
"scheme": "COFOG"
},
{
"id": "Body governed by public law",
"scheme": "TED_CA_TYPE"
}
],
"url": "https://cvha.org.uk/"
}
},
{
"id": "org-140",
"name": "CVHA",
"identifier": {
"legalName": "CVHA"
},
"address": {
"streetAddress": "50 SCOTT STREET",
"locality": "MOTHERWELL",
"postalCode": "ML1 1PN"
},
"contactPoint": {
"email": "lisa.hughes@cvha.org.uk",
"url": "https://cvha.org.uk/"
},
"roles": [
"reviewBody"
]
},
{
"id": "org-223",
"name": "Clyde Valley Housing Association Limited",
"identifier": {
"legalName": "Clyde Valley Housing Association Limited"
},
"address": {
"streetAddress": "50 Scott Street",
"locality": "Motherwell",
"region": "UK",
"postalCode": "ML1 1PN"
},
"contactPoint": {
"email": "cvha@cvha.org.uk",
"telephone": "+44 1698268855",
"faxNumber": "+44 1698268855",
"url": "http://"
},
"roles": [
"buyer",
"centralPurchasingBody"
],
"details": {
"classifications": [
{
"id": "Housing Association",
"scheme": "TED_CA_TYPE"
},
{
"id": "06",
"description": "Housing and community amenities",
"scheme": "COFOG"
}
],
"url": "https://cvha.org.uk/"
}
},
{
"id": "org-224",
"name": "Dionach Ltd",
"identifier": {
"legalName": "Dionach Ltd"
},
"address": {
"streetAddress": "4th Floor, 94 Hope Street",
"locality": "Glasgow",
"region": "UKM82",
"postalCode": "G2 6PH"
},
"roles": [
"supplier"
],
"details": {
"scale": "sme",
"url": "http://"
}
},
{
"id": "org-225",
"name": "CVHA",
"identifier": {
"legalName": "CVHA"
},
"address": {
"streetAddress": "50 SCOTT STREET",
"locality": "MOTHERWELL",
"postalCode": "ML1 1PN"
},
"contactPoint": {
"email": "lisa.hughes@cvha.org.uk",
"url": "https://cvha.org.uk/"
},
"roles": [
"reviewBody"
]
}
],
"buyer": {
"name": "Clyde Valley Housing Association Limited",
"id": "org-223"
},
"tender": {
"id": "ocds-r6ebe6-0000750053",
"title": "Cyber Penetration Testing Services",
"description": "Scope of Work The selected vendor will be responsible for performing the following scope of work: a. Bi-annual (March & November) testing on the following: i. Website Penetration Testing of 2 Websites: - Conduct a thorough assessment of our website's security vulnerabilities. - Identify and exploit potential weaknesses in web applications. - Evaluate the website's resilience against common attack vectors. - Provide recommendations for remediation based on the findings. ii. External Network Penetration Testing: - Assess the security of our external network infrastructure. - Identify and exploit potential vulnerabilities in network devices. - Evaluate the effectiveness of firewall configurations. - Test for unauthorized access to sensitive data. - Provide recommendations for improving network security. iii. Web Application Services Penetration Testing of 2 Services: - Evaluate the security of web application services used by our organization. - Identify potential security flaws in these services. - Test for data leakage and unauthorized access. - Provide recommendations for enhancing the security of third-party integrations.",
"status": "complete",
"items": [
{
"id": "1",
"additionalClassifications": [
{
"id": "72222300",
"scheme": "CPV"
}
],
"deliveryLocation": {
"description": "Motherwell"
},
"deliveryAddresses": [
{
"region": "UKM84"
},
{
"region": "UKM84"
}
],
"relatedLot": "1"
}
],
"value": {
"amount": 90000,
"currency": "GBP"
},
"procurementMethod": "open",
"procurementMethodDetails": "Open procedure",
"mainProcurementCategory": "services",
"submissionMethod": [
"electronicSubmission"
],
"submissionMethodDetails": "https://www.publiccontractsscotland.gov.uk/",
"tenderPeriod": {
"endDate": "2023-12-01T12:00:00Z"
},
"awardPeriod": {
"startDate": "2024-01-08T12:00:00Z"
},
"documents": [
{
"id": "NOV492395",
"documentType": "contractNotice",
"title": "Cyber Penetration Testing Services",
"description": "Scope of Work The selected vendor will be responsible for performing the following scope of work: a. Bi-annual (March & November) testing on the following: i. Website Penetration Testing of 2 Websites: - Conduct a thorough assessment of our website's security vulnerabilities. - Identify and exploit potential weaknesses in web applications. - Evaluate the website's resilience against common attack vectors. - Provide recommendations for remediation based on the findings. ii. External Network Penetration Testing: - Assess the security of our external network infrastructure. - Identify and exploit potential vulnerabilities in network devices. - Evaluate the effectiveness of firewall configurations. - Test for unauthorized access to sensitive data. - Provide recommendations for improving network security. iii. Web Application Services Penetration Testing of 2 Services: - Evaluate the security of web application services used by our organization. - Identify potential security flaws in these services. - Test for data leakage and unauthorized access. - Provide recommendations for enhancing the security of third-party integrations.",
"url": "https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=NOV492395",
"format": "text/html"
},
{
"id": "economic",
"documentType": "economicSelectionCriteria"
},
{
"id": "technical",
"documentType": "technicalSelectionCriteria"
},
{
"id": "NOV492395-1",
"title": "ITT - Cyber Penetration Testing",
"url": "https://www.publiccontractsscotland.gov.uk/NoticeDownload/DownloadDocument.aspx?id=NOV492395&idx=1",
"datePublished": "2023-11-10T15:17:11Z",
"dateModified": "2023-11-10T15:17:11Z",
"format": "application/pdf"
},
{
"id": "NOV492395-2",
"title": "SPD - Cyber Penetration Testing",
"url": "https://www.publiccontractsscotland.gov.uk/NoticeDownload/DownloadDocument.aspx?id=NOV492395&idx=2",
"datePublished": "2023-11-10T15:17:11Z",
"dateModified": "2023-11-10T15:17:11Z",
"format": "application/vnd.openxmlformats-officedocument.wordprocessingml.document"
},
{
"id": "NOV492395-3",
"title": "Pricing",
"url": "https://www.publiccontractsscotland.gov.uk/NoticeDownload/DownloadDocument.aspx?id=NOV492395&idx=3",
"datePublished": "2023-11-10T15:17:11Z",
"dateModified": "2023-11-10T15:17:11Z",
"format": "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"
},
{
"id": "NOV492395-4",
"title": "Terms and conditions",
"url": "https://www.publiccontractsscotland.gov.uk/NoticeDownload/DownloadDocument.aspx?id=NOV492395&idx=4",
"datePublished": "2023-11-10T15:17:11Z",
"dateModified": "2023-11-10T15:17:11Z",
"format": "application/pdf"
},
{
"id": "FEB498884",
"documentType": "awardNotice",
"title": "Cyber Penetration Testing Services",
"description": "Scope of Work The selected vendor will be responsible for performing the following scope of work: a. Bi-annual (March & November) testing on the following: i. Website Penetration Testing of 2 Websites: - Conduct a thorough assessment of our website's security vulnerabilities. - Identify and exploit potential weaknesses in web applications. - Evaluate the website's resilience against common attack vectors. - Provide recommendations for remediation based on the findings. ii. External Network Penetration Testing: - Assess the security of our external network infrastructure. - Identify and exploit potential vulnerabilities in network devices. - Evaluate the effectiveness of firewall configurations. - Test for unauthorized access to sensitive data. - Provide recommendations for improving network security. iii. Web Application Services Penetration Testing of 2 Services: - Evaluate the security of web application services used by our organization. - Identify potential security flaws in these services. - Test for data leakage and unauthorized access. - Provide recommendations for enhancing the security of third-party integrations.",
"url": "https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=FEB498884",
"format": "text/html"
}
],
"lots": [
{
"id": "1",
"description": "Scope of Work The selected vendor will be responsible for performing the following scope of work: a. Bi-annual (March & November) testing on the following: i. Website Penetration Testing of 2 Websites: - Conduct a thorough assessment of our website's security vulnerabilities. - Identify and exploit potential weaknesses in web applications. - Evaluate the website's resilience against common attack vectors. - Provide recommendations for remediation based on the findings. ii. External Network Penetration Testing: - Assess the security of our external network infrastructure. - Identify and exploit potential vulnerabilities in network devices. - Evaluate the effectiveness of firewall configurations. - Test for unauthorized access to sensitive data. - Provide recommendations for improving network security. iii. Web Application Services Penetration Testing of 2 Services: - Evaluate the security of web application services used by our organization. - Identify potential security flaws in these services. - Test for data leakage and unauthorized access. - Provide recommendations for enhancing the security of third-party integrations.",
"status": "complete",
"hasOptions": false,
"submissionTerms": {
"variantPolicy": "notAllowed",
"electronicCataloguePolicy": "required"
},
"contractPeriod": {
"startDate": "2024-01-08T00:00:00Z",
"endDate": "2027-01-07T00:00:00Z"
},
"hasRenewal": true,
"renewal": {
"description": "3 years + 1 + 1"
}
}
],
"bidOpening": {
"date": "2024-01-08T12:00:00Z"
},
"contractTerms": {
"hasElectronicPayment": true,
"hasElectronicOrdering": true,
"electronicInvoicingPolicy": "allowed"
},
"coveredBy": [
"GPA"
],
"selectionCriteria": {
"criteria": [
{
"type": "suitability",
"description": "Credentials of certifications to be included as relevant experience and qualification"
}
]
},
"submissionTerms": {
"languages": [
"en"
],
"bidValidityPeriod": {
"endDate": "2024-04-08T00:00:00Z"
}
},
"classification": {
"id": "72222300",
"scheme": "CPV"
},
"hasRecurrence": false
},
"language": "EN",
"description": "(SC Ref:758417)",
"links": [
{
"rel": "canonical",
"href": "https://api.publiccontractsscotland.gov.uk/v1/Notice?id=ocds-r6ebe6-0000750053"
},
{
"rel": "canonical",
"href": "https://api.publiccontractsscotland.gov.uk/v1/Notice?id=ocds-r6ebe6-0000750053"
}
],
"noticetype": "PCS Notice - Website Contract Award Notice",
"awards": [
{
"id": "ocds-r6ebe6-0000750053-1",
"suppliers": [
{
"id": "org-224",
"name": "Dionach Ltd"
}
],
"relatedLots": [
"1"
]
}
],
"contracts": [
{
"id": "ocds-r6ebe6-0000750053-1",
"awardID": "ocds-r6ebe6-0000750053-1",
"status": "active",
"value": {
"amount": 25650,
"currency": "GBP"
},
"dateSigned": "2024-02-15T00:00:00Z"
}
],
"bids": {
"statistics": [
{
"id": "724",
"measure": "bids",
"value": 26,
"relatedLot": "1"
},
{
"id": "725",
"measure": "smeBids",
"value": 26,
"relatedLot": "1"
},
{
"id": "726",
"measure": "foreignBidsFromEU",
"value": 26,
"relatedLot": "1"
},
{
"id": "727",
"measure": "foreignBidsFromNonEU",
"value": 0,
"relatedLot": "1"
},
{
"id": "728",
"measure": "electronicBids",
"value": 26,
"relatedLot": "1"
}
]
}
}