{ "tag": [ "compiled" ], "id": "ocds-h6vhtk-069b2e-2026-05-18T15:49:33+01:00", "date": "2026-05-18T15:49:33+01:00", "ocid": "ocds-h6vhtk-069b2e", "initiationType": "tender", "parties": [ { "id": "GB-COH-05154485", "name": "FIRST RAIL HOLDINGS LIMITED", "identifier": { "scheme": "GB-COH", "id": "05154485" }, "additionalIdentifiers": [ { "scheme": "GB-PPON", "id": "PPVJ-1479-GGLX" } ], "address": { "streetAddress": "8th Floor The Point", "locality": "London", "postalCode": "W2 1AF", "country": "GB", "countryName": "United Kingdom", "region": "UKI32" }, "contactPoint": { "email": "firstprocurementservices@firstrail.com" }, "roles": [ "buyer" ], "details": { "url": "http://www.firstgroupplc.com", "classifications": [ { "id": "privateUtility", "scheme": "UK_CA_TYPE", "description": "Private utility" } ] } }, { "id": "GB-COH-05113733", "name": "FIRST GREATER WESTERN LIMITED", "identifier": { "scheme": "GB-COH", "id": "05113733" }, "additionalIdentifiers": [ { "scheme": "GB-PPON", "id": "PXVG-2764-GZCQ" } ], "address": { "streetAddress": "Milford House 1 Milford Street", "locality": "Wiltshire", "postalCode": "SN1 1HL", "country": "GB", "countryName": "United Kingdom", "region": "UKK14" }, "contactPoint": { "email": "procurement@gwr.com" }, "roles": [ "buyer" ], "details": { "classifications": [ { "id": "privateUtility", "scheme": "UK_CA_TYPE", "description": "Private utility" } ] } }, { "id": "GB-COH-10349442", "name": "FIRST TRENITALIA WEST COAST RAIL LIMITED", "identifier": { "scheme": "GB-COH", "id": "10349442" }, "additionalIdentifiers": [ { "scheme": "GB-PPON", "id": "PGLQ-8629-CMPG" } ], "address": { "streetAddress": "8th Floor The Point", "locality": "London", "postalCode": "W2 1AF", "country": "GB", "countryName": "United Kingdom", "region": "UKI32" }, "contactPoint": { "email": "procurement@avantiwestcoast.co.uk" }, "roles": [ "buyer" ], "details": { "classifications": [ { "id": "publicUndertaking", "scheme": "UK_CA_TYPE", "description": "Public undertaking" } ] } } ], "buyer": { "id": "GB-COH-05154485", "name": "FIRST RAIL HOLDINGS LIMITED" }, "tender": { "id": "FX1376", "legalBasis": { "id": "2023/54", "scheme": "UKPGA", "uri": "https://www.legislation.gov.uk/ukpga/2023/54/contents" }, "title": "First Cyber Security Tooling & Managed Services Tender", "description": "Lot - 1: FRH Cyber Security Tooling & Managed Services for GWR & AWC AI-powered managed cybersecurity is essential to counter a threat landscape marked by short attack timelines and sophisticated automated attacks. To address this, the organisation will procure a single integrated 24/7 managed security service covering Email Security, Network Detection and Response (NDR), Endpoint Detection and Response (EDR), and Security Information and Event Management (SIEM). The solution uses AI-driven automation, machine learning, and a managed SOC model to deliver real-time detection, triage, containment, and recovery across the estate. Automated detection and response reduce alert fatigue, cut mean time to respond (MTTR) and eliminate workflow bottlenecks that inhibit manual or traditional SOC operations. AI-powered response enables machine-speed containment for threats detected anywhere across the network, endpoint, email, and cloud services, while ensuring seamless integration of new and existing tooling. *- Strategic Objectives Enhance Threat Detection and Response Capabilities: Use AI-powered analysis and automation across email, endpoints, networks, and cloud environments for real-time detection and disruption of evolving threats, including zero-day attacks and business email compromise. The service provides real-time, data-driven insights and analytics, ensuring high-fidelity detection and response across all monitored domains. Reduce Dwell Time: AI automation enables rapid correlation and response, reducing dwell time from days to minutes in managed environments by minimising manual analysis lags and increasing accuracy through automated playbooks for containment actions. Ensure Regulatory Compliance: Continuous monitoring, automated reporting, and audit-grade response documentation support compliance mandates (e.g., GDPR, NIS2) and provide ready evidence for regulatory investigations. Ensure alignment and certification to industry best practices CSO/IEC 42001 (Artificial Intelligence Management System), ISO/IEC 27001 (Information Security Management System), ISO 22301 (Business Continuity Management System (BCMS)), Cyber Essentials, and Cyber Essentials Plus. Enable Proactive Defence: The solution supports automated threat hunting and anomaly detection to intervene early in the attack lifecycle, rather than relying solely on alert-based or reactive workflows. Optimise Resource Allocation: Automated detection and response to significantly reduce time spent dealing with email-based threats, allowing staff to focus on higher-value work. *- Scope of Services The organisation seeks a 24/7 fully managed security service covering: AI-driven Email Security, integrating threat intelligence and auto-remediation (using technologies such as Mimecast and Microsoft Defender). AI-driven NDR with behaviour analytics, automated response, and cloud app coverage (including M365, leveraging DarkTrace). AI-driven EDR integrated with SIEM, delivering automated detection, triage, and containment. AI-driven SIEM with unified log collection, AI-powered correlation, and enrichment from endpoint, network, and email telemetry. Wide compatibility and integration with common enterprise IaaS, PaaS and SaaS providers. Automated response and proactive threat hunting are built into the service. AI tunes out false positives in real time. NDR, EDR, and Email Security are orchestrated via SIEM, providing a centralised view and seamless handoff between detection, investigation, and response. *- Key Benefits Value for Money: Competitive tendering for integrated AI-driven managed services enables benchmarking, cost optimisation, and elimination of margin losses from operational inefficiency. Strengthening Security Capability and Outcomes: The solution delivers 24/7 managed detection and response with proven incident investigation, escalation, and rapid containment. Automated triage addresses >90% of alerts, moving human analysts to exception management and threat hunting. Reducing Operational and Delivery Risk: Relying on automated incident response closes the talent gap, addresses analyst burnout, and places delivery risk with suppliers that maintain AI-enhanced SOC capabilities. SLA-driven performance and machine-speed automated actions are formally contracted. Improving Governance, Auditability, and Transparency: Automated, AI-driven audit trails ensure end-to-end traceability of every incident, action, and management decision, enabling regulatory reporting and internal audit compliance. Enabling Scalability and Future Flexibility: AI-driven architecture processes thousands more alerts per day without proportional increases in headcount, supporting scale as business needs and threat volumes evolve. Supporting Compliance and Regulatory Obligations: The managed SOC operates within recognised frameworks (e.g., ISO 27001, ISO 42001, ISO 22301, Cyber Essentials and UK NIS and GDPR) and supplies compliance reporting and rapid incident response evidence proactively. Lot - 2 *- Strengthening Security Capability and Outcomes The scope of this procurement includes the replacement or renewal of several core cybersecurity capabilities, including: - Internet Security Gateway (ISG): Advanced inspection and protection of web traffic to mitigate malicious and high-risk internet activity - Zero Trust Network Access (ZTNA): Secure, identity- and context-based remote access, reducing reliance on legacy VPN solutions - Privileged Access Management (PAM): Control, monitoring, and auditing of privileged identities and access pathways (applicable to Group, Bus and Rail) - AI Governance and Control: Enforcement of policies governing access to internet-based AI services, SaaS platforms, and APIs to prevent unauthorised usage, data leakage, and compliance breaches - CASB and Data Loss Prevention (DLP): Protection of sensitive data across sanctioned and unsanctioned SaaS applications (applicable to Avanti West Coast) The solution must integrate seamlessly with FirstGroup's existing technology and security ecosystem, leveraging artificial intelligence and threat intelligence to enable continuous monitoring, automated policy enforcement, and proactive detection of emerging threats. *- Reducing Operational and Delivery Risk FirstGroup requires autonomous response and intelligent technical policy controls to reduce the operational burden on internal IT and security teams and address skills constraints within the organisation. Suppliers must demonstrate: - Mature and effective security governance frameworks - Robust operational controls and service management processes - Proven capabilities in incident management, access control, and service continuity Given the critical nature of the systems and data involved, cybersecurity is considered a material enterprise risk, and solutions must be resilient, secure, and aligned with best practices. *- Improving Governance, Auditability, and Transparency To ensure consistent assurance across all bidders, shortlisted suppliers will be required to complete the FirstGroup Supplier Information Security Assessment via the RiskXChange platform. This assessment evaluates supplier maturity across key domains, including: - SOC assurance and security operations - IT service management - Secure software development - Business continuity and disaster recovery - Identity and access management - Data protection and privacy - DDoS protection and cloud security governance This approach ensures a high standard of auditability, comparability, and transparency throughout the procurement process. *- Enabling Scalability and Future Flexibility The proposed solution must be scalable, adaptable, and future-ready, capable of supporting: - Evolving business requirements - Hybrid and distributed working models - Increasing adoption of cloud services and AI technologies Automation and AI-driven controls are expected to support a transition from reactive security operations to proactive and preventative security management, including dynamic policy enforcement across web, cloud, and AI service usage. *- Supporting Compliance and Regulatory Obligations Suppliers must provide certification with recognised industry standards, including: - ISO/IEC 27001 (Information Security Management) - ISO 22301 (Business Continuity Management) - ISO/IEC 42001 (Artificial Intelligence Management Systems) - UK NCSC-backed schemes Cyber Essentials and Cyber Essentials Plus In addition, the solution must support compliance with applicable UK regulations, including: - UK GDPR and the Data Protection Act, ensuring lawful, secure, and transparent processing of personal data - UK Network and Information Systems (NIS) Regulations, where applicable, including measures for risk management and incident reporting. *- Strategic Alignment of Tooling This procurement supports the delivery of Cyber Security Tooling for First Rail Holdings, including FirstGroup, FirstBus, FirstBus London, London Cable Car, Hull Trains, Lumo Trains, FirstRailLondon, Trams Operations Ltd (TOL), Air Coach, Avanti West Coast, Great Western Railway. The selected supplier will be responsible for delivering and managing an integrated, end-to-end security capability encompassing: - Internet access security - Cloud and AI governance - Privileged access management - Zero Trust connectivity This will improve overall security effectiveness, operational efficiency, organisational resilience, and regulatory compliance across participating operating companies.", "status": "active", "items": [ { "id": "1", "additionalClassifications": [ { "scheme": "CPV", "id": "48730000", "description": "Security software package" }, { "scheme": "CPV", "id": "79710000", "description": "Security services" } ], "deliveryAddresses": [ { "region": "UK", "country": "GB", "countryName": "United Kingdom" } ], "relatedLot": "1" }, { "id": "2", "additionalClassifications": [ { "scheme": "CPV", "id": "48730000", "description": "Security software package" } ], "deliveryAddresses": [ { "region": "UK", "country": "GB", "countryName": "United Kingdom" } ], "relatedLot": "2" } ], "value": { "amountGross": 4120792, "amount": 3433993, "currency": "GBP" }, "procurementMethod": "open", "procurementMethodDetails": "Competitive flexible procedure", "procedure": { "features": "Suppliers are invited to express their interest (EOI) in participating in either one or both lots. Interested parties will be required to sign a mutual Non-Disclosure Agreement (NDA) and complete a Pre-Qualification Questionnaire (PQQ). The procurement is structured into two lots. The top three scoring suppliers from each PQQ stage will be invited to participate in the respective Invitation to Negotiate (ITN) stage. All compliant submissions received at the ITN stage will be fully evaluated, with contracts awarded to the Most Economically Advantageous Tenderer in accordance with the stated evaluation criteria." }, "mainProcurementCategory": "goods", "additionalProcurementCategories": [ "services" ], "specialRegime": [ "utilities" ], "aboveThreshold": true, "submissionMethodDetails": "https://s2c-uk62.waxdigital.com/FirstGroupPlc/DisplayModules/TradeModules/Negotiations/Opportunities/ViewOpportunityEvent.aspx?EventID=5149&Culture=en-GB", "submissionTerms": { "electronicSubmissionPolicy": "allowed", "languages": [ "en" ] }, "tenderPeriod": { "endDate": "2026-06-17T15:00:00+01:00" }, "awardPeriod": { "endDate": "2027-01-28T23:59:59Z" }, "lots": [ { "id": "1", "title": "FRH Cyber Security Tooling & Managed Services Tender for GWR & AWC", "description": "AI-powered managed cybersecurity is essential to counter a threat landscape marked by short attack timelines and sophisticated automated attacks. To address this, the organisation will procure a single integrated 24/7 managed security service covering Email Security, Network Detection and Response (NDR), Endpoint Detection and Response (EDR), and Security Information and Event Management (SIEM). The solution uses AI-driven automation, machine learning, and a managed SOC model to deliver real-time detection, triage, containment, and recovery across the estate. Automated detection and response reduce alert fatigue, cut mean time to respond (MTTR) and eliminate workflow bottlenecks that inhibit manual or traditional SOC operations. AI-powered response enables machine-speed containment for threats detected anywhere across network, endpoint, email, and cloud services-while ensuring seamless integration of new and existing tooling. 2. Strategic Objectives Enhance Threat Detection and Response Capabilities: Use AI-powered analysis and automation across email, endpoints, networks, and cloud environments for real-time detection and disruption of evolving threats, including zero-day attacks and business email compromise. The service provides real-time, data-driven insights and analytics, ensuring high-fidelity detection and response across all monitored domains. Reduce Dwell Time: AI automation enables rapid correlation and response, reducing dwell time from days to minutes in managed environments by minimising manual analysis lags and increasing accuracy through automated playbooks for containment actions. Ensure Regulatory Compliance: Continuous monitoring, automated reporting, and audit-grade response documentation support compliance mandates (e.g., GDPR, NIS2) and provide ready evidence for regulatory investigations. Ensure alignment and certification to industry best practices CSO/IEC 42001 (Artificial Intelligence Management System), ISO/IEC 27001 (Information Security Management System), ISO 22301 (Business Continuity Management System (BCMS)), Cyber Essentials, and Cyber Essentials Plus. Enable Proactive Defence: The solution supports automated threat hunting and anomaly detection to intervene early in the attack lifecycle, rather than relying solely on alert-based or reactive workflows. Optimise Resource Allocation: Automated detection and response to significantly reduce time spent dealing with email-based threats, allowing staff to focus on higher-value work. 3. Scope of Services The organisation seeks a 24/7 fully managed security service covering: AI-driven Email Security, integrating threat intelligence and auto-remediation (using technologies such as Mimecast and Microsoft Defender). AI-driven NDR with behaviour analytics, automated response, and cloud app coverage (including M365, leveraging DarkTrace). AI-driven EDR integrated with SIEM, delivering automated detection, triage, and containment. AI-driven SIEM with unified log collection, AI-powered correlation, and enrichment from endpoint, network, and email telemetry. Wide compatibility and integration with common enterprise IaaS, PaaS and SaaS providers. Automated response and proactive threat hunting are built into the service. AI tunes out false positives in real time. NDR, EDR, and Email Security are orchestrated via SIEM, providing a centralised view and seamless handoff between detection, investigation, and response. 4. Key Benefits Value for Money: Competitive tendering for integrated AI-driven managed services enables benchmarking, cost optimisation, and elimination of margin losses from operational inefficiency. Strengthening Security Capability and Outcomes: The solution delivers 24/7 managed detection and response with proven incident investigation, escalation, and rapid containment. Automated triage addresses >90% of alerts, moving human analysts to exception management and threat hunting. Reducing Operational and Delivery Risk: Relying on automated incident response closes the talent gap, addresses analyst burnout, and places delivery risk with suppliers that maintain AI-enhanced SOC capabilities. SLA-driven performance and machine-speed automated actions are formally contracted. Improving Governance, Auditability, and Transparency: Automated, AI-driven audit trails ensure end-to-end traceability of every incident, action, and management decision, enabling regulatory reporting and internal audit compliance. Enabling Scalability and Future Flexibility: AI-driven architecture processes thousands more alerts per day without proportional increases in headcount, supporting scale as business needs and threat volumes evolve. Supporting Compliance and Regulatory Obligations: The managed SOC operates within recognised frameworks (e.g., ISO 27001, ISO 42001, ISO 22301, Cyber Essentials and UK NIS and GDPR) and supplies compliance reporting and rapid incident response evidence proactively. Improving Contractual and Commercial Protections: Integration of AI-driven managed services and tooling provides a clear contractual framework for performance, exit, transition, and data ownership, ensuring service continuity and portability. Aligning Tooling and Managed Services Strategically: Centralised, AI-driven detection and response integrate SIEM, EDR, NDR, and Email Security, reducing duplication, streamlining operations, and clarifying operational accountability. This approach ensures the delivery of a resilient, automated, and future-ready cybersecurity foundation capable of addressing sophisticated threats across all infrastructure layers, maximising operational efficiency, and minimising the cost and risk exposure for the organisation.", "status": "active", "value": { "amountGross": 2637878, "amount": 2198232, "currency": "GBP" }, "awardCriteria": { "criteria": [ { "type": "quality", "name": "FRH Cyber Security Tooling & Managed Services for GWR & AWC", "numbers": [ { "number": 70, "weight": "percentageExact" } ] }, { "type": "price", "name": "FRH Cyber Security Tooling & Managed Services for GWR & AWC", "numbers": [ { "number": 30, "weight": "percentageExact" } ] } ] }, "contractPeriod": { "startDate": "2027-02-01T00:00:00Z", "endDate": "2030-01-31T23:59:59Z", "maxExtentDate": "2032-01-31T23:59:59Z" }, "hasRenewal": true, "renewal": { "description": "A three-year contract will be awarded with the option to extend for a maximum of two years, in one-year increments." }, "hasOptions": true, "options": { "description": "FirstGroup and its affiliates reserve the right to introduce additional cybersecurity tooling and/or managed services during the contract term where required. This may arise in response to changes in the threat landscape, evolving regulatory or compliance requirements, business growth or transformation, identified security risks, or internal capability constraints. Any such additions will be aligned to FirstGroup's operational and security objectives and procured in accordance with applicable governance and contractual provisions." } }, { "id": "2", "title": "First Cyber Security Tooling Tender", "description": "FirstGroup and its affiliated entities (\"FirstGroup\") are undertaking a strategic procurement to select a supplier capable of delivering an enterprise-grade cybersecurity solution. The primary objective is to enhance organisational security maturity while delivering measurable operational efficiencies and strong commercial value. The solution will focus on secure internet access, cloud application control, and Zero Trust connectivity, underpinned by capability consolidation, automation, and AI-enabled services. This procurement represents a key step in modernising FirstGroup's security architecture to address evolving cyber threats, including those associated with increased cloud adoption and AI-enabled risks. Strengthening Security Capability and Outcomes The scope of this procurement includes the replacement or renewal of several core cybersecurity capabilities, including: Internet Security Gateway (ISG): Advanced inspection and protection of web traffic to mitigate malicious and high-risk internet activity Zero Trust Network Access (ZTNA): Secure, identity- and context-based remote access, reducing reliance on legacy VPN solutions Privileged Access Management (PAM): Control, monitoring, and auditing of privileged identities and access pathways (applicable to Group, Bus and Rail) AI Governance and Control: Enforcement of policies governing access to internet-based AI services, SaaS platforms, and APIs to prevent unauthorised usage, data leakage, and compliance breaches CASB and Data Loss Prevention (DLP): Protection of sensitive data across sanctioned and unsanctioned SaaS applications (applicable to Avanti West Coast) The solution must integrate seamlessly with FirstGroup's existing technology and security ecosystem, leveraging artificial intelligence and threat intelligence to enable continuous monitoring, automated policy enforcement, and proactive detection of emerging threats. Reducing Operational and Delivery Risk FirstGroup requires autonomous response and intelligent technical policy controls to reduce the operational burden on internal IT and security teams and address skills constraints within the organisation. Suppliers must demonstrate: Mature and effective security governance frameworks Robust operational controls and service management processes Proven capabilities in incident management, access control, and service continuity Given the critical nature of the systems and data involved, cybersecurity is considered a material enterprise risk, and solutions must be resilient, secure, and aligned with best practices. Improving Governance, Auditability, and Transparency To ensure consistent assurance across all bidders, shortlisted suppliers will be required to complete the FirstGroup Supplier Information Security Assessment via the RiskXChange platform. This assessment evaluates supplier maturity across key domains, including: SOC assurance and security operations IT service management Secure software development Business continuity and disaster recovery Identity and access management Data protection and privacy DDoS protection and cloud security governance This approach ensures a high standard of auditability, comparability, and transparency throughout the procurement process. Enabling Scalability and Future Flexibility The proposed solution must be scalable, adaptable, and future-ready, capable of supporting: Evolving business requirements Hybrid and distributed working models Increasing adoption of cloud services and AI technologies Automation and AI-driven controls are expected to support a transition from reactive security operations to proactive and preventative security management, including dynamic policy enforcement across web, cloud, and AI service usage. Supporting Compliance and Regulatory Obligations Suppliers must provide certification with recognised industry standards, including: ISO/IEC 27001 (Information Security Management) ISO 22301 (Business Continuity Management) ISO/IEC 42001 (Artificial Intelligence Management Systems) UK NCSC-backed schemes Cyber Essentials and Cyber Essentials Plus In addition, the solution must support compliance with applicable UK regulations, including: UK GDPR and the Data Protection Act, ensuring lawful, secure, and transparent processing of personal data UK Network and Information Systems (NIS) Regulations, where applicable, including measures for risk management and incident reporting Improving Contractual and Commercial Protections Participation in this procurement is governed by defined response terms and conditions, including: Structured submission requirements Compliance declarations Conflict of interest disclosures These measures are designed to ensure fairness, transparency, and robust commercial governance across the procurement process. Strategic Alignment of Tooling This procurement supports the delivery of Cyber Security Tooling for First Rail Holdings, including FirstGroup, FirstBus, FirstBus London, London Cable Car, Hull Trains, Lumo Trains, FirstRailLondon, Trams Operations Ltd (TOL), Air Coach, Avanti West Coast, Great Western Railway. The selected supplier will be responsible for delivering and managing an integrated, end-to-end security capability encompassing: Internet access security Cloud and AI governance Privileged access management Zero Trust connectivity This will improve overall security effectiveness, operational efficiency, organisational resilience, and regulatory compliance across participating operating companies.", "status": "active", "value": { "amountGross": 1482914, "amount": 1235761, "currency": "GBP" }, "awardCriteria": { "criteria": [ { "type": "quality", "name": "Lot - 2 First Cyber Security Tooling Tender", "numbers": [ { "number": 60, "weight": "percentageExact" } ] }, { "type": "price", "name": "Lot - 2 First Cyber Security Tooling Tender", "numbers": [ { "number": 40, "weight": "percentageExact" } ] } ] }, "contractPeriod": { "startDate": "2027-02-01T00:00:00Z", "endDate": "2030-01-31T23:59:59Z", "maxExtentDate": "2032-01-31T23:59:59Z" }, "hasRenewal": true, "renewal": { "description": "A three-year contract will be awarded with the option to extend for a maximum of two years, in one-year increments." }, "hasOptions": true, "options": { "description": "FirstGroup and its affiliates reserve the right to introduce additional cybersecurity tooling and/or managed services during the contract term where required. This may arise in response to changes in the threat landscape, evolving regulatory or compliance requirements, business growth or transformation, identified security risks, or internal capability constraints. Any such additions will be aligned to FirstGroup's operational and security objectives and procured in accordance with applicable governance and contractual provisions." } } ], "documents": [ { "id": "conflictOfInterest", "documentType": "conflictOfInterest", "description": "Not published" }, { "id": "L-1", "documentType": "biddingDocuments", "url": "https://s2c-uk62.waxdigital.com/FirstGroupPlc/DisplayModules/TradeModules/Negotiations/Opportunities/ViewOpportunityEvent.aspx?EventID=5149&Culture=en-GB" }, { "id": "045436-2026", "documentType": "tenderNotice", "noticeType": "UK4", "description": "Tender notice on Find a Tender", "url": "https://www.find-tender.service.gov.uk/Notice/045436-2026", "datePublished": "2026-05-18T15:49:33+01:00", "format": "text/html" } ], "contractTerms": { "financialTerms": "The tender notice/Expression of Interest (EOI) shall remain valid for a period of 30 days commencing from 18 May 2026. During this period, interested suppliers will be invited to participate in a Pre-Qualification Questionnaire (PQQ) exercise, subject to the prior submission of a duly signed Non-Disclosure Agreement (NDA) and acceptance of its terms. Access to the PQQ will only be granted to bidders who have submitted a signed NDA, and such access will be provided five (5) days after the publication of this tender notice. The deadline for submission of the PQQ will be five (5) days after the expiration of the tender notice period, and all completed PQQ responses must be submitted before this deadline. The detailed tender timeline and subsequent stages of the procurement process are provided within the PQQ documentation." } }, "language": "en" }