---
title: "Provision of Defence Cyber Protection (DCPP) Tool"
ocid: "ocds-b5fd17-205fb3e6-f536-4294-9959-5221819edce8"
canonical_url: "https://d3tenders.com/contract/?ocid=ocds-b5fd17-205fb3e6-f536-4294-9959-5221819edce8"
markdown_url: "https://d3tenders.com/contract/ocds-b5fd17-205fb3e6-f536-4294-9959-5221819edce8.md"
json_url: "https://d3tenders.com/contract/ocds-b5fd17-205fb3e6-f536-4294-9959-5221819edce8.json"
source: "Contracts Finder"
current_stage: "Tender"
buyer: "MINISTRY OF DEFENCE, INFORMATION SYSTEMS AND SERVICES, ISS COMMERCIAL SOURCING TEAM"
published: "2019-11-20"
---

# Provision of Defence Cyber Protection (DCPP) Tool

Buyer: MINISTRY OF DEFENCE, INFORMATION SYSTEMS AND SERVICES, ISS COMMERCIAL SOURCING TEAM  
Current stage: Tender  
OCID: ocds-b5fd17-205fb3e6-f536-4294-9959-5221819edce8

[View canonical contract page](https://d3tenders.com/contract/?ocid=ocds-b5fd17-205fb3e6-f536-4294-9959-5221819edce8)  
[Download OCDS JSON](https://d3tenders.com/contract/ocds-b5fd17-205fb3e6-f536-4294-9959-5221819edce8.json)

## Summary

The United Kingdom Ministry of Defence, specifically the Information Systems and Services, ISS Commercial Sourcing Team, is initiating a tender for the "Provision of Defence Cyber Protection (DCPP) Tool". This opportunity falls within the services industry category and is located in Corsham, UK. The procurement is currently at the tender stage, with submissions due by 16 December 2019. The contract, expected to be valued at approximately £5 million, is intended to replace an existing cyber protection tool, providing critical functionalities for risk assessment and supplier assurance and is set to commence on 30 April 2020, lasting until 29 April 2025.

This tender presents a substantial opportunity for businesses specialising in cybersecurity software and managed services, particularly those capable of adhering to UK Government Digital Service requirements. Companies that can demonstrate expertise in developing secure online tools and maintaining robust data management systems would be particularly well-suited to compete. With a focus on enhancing cyber security within supply chains, the contract may also appeal to SMEs looking to expand their portfolios in Government contracting.

## Notice

The United Kingdom Ministry of Defence will be placing a contract to replace the current Supplier Cyber Protection Tool, which enables the MOD's Defence Cyber Protection Partnership (DCPP) Cyber Security Model. The tool provides both Risk Assessment (RA) and Supplier Assurance Questionnaire (SAQ) functionality, ensuring the process can be flowed down the supply chain. The tool is accessed via the www.gov.uk website and must adhere to UK Government Digital Service (GDS) requirements for design. It uses GDS' Verify online authentication tool to authenticate some of the users. Users log in using multi-factor authentication and are taken to a dashboard showing their existing submissions and can elect to complete an RA or an SAQ. On completion of an RA, the tool calculates the cyber risk profile (N/A, Very Low, Low, Moderate or High) and advises this, together with an RA reference, to the RA author. SAQ authors respond to a specific RA using the RA reference. When flowing down, a contractor's RA (for a sub-contract) is linked back to their original SAQ response. The combination of linked RAs and SAQs provides visibility of the supply chain, for which subcontractor names will be hidden to all except their immediate customer, and to a small number of super-users within MOD. RA and SAQ authors also have options to save, continue and re-use questionnaires and invite collaboration, and anyone may produce a trial RA or SAQ. Only MOD users may initiate a top-level RA. The initial requirement is for a tool, to be delivered as a managed service, consisting of a workflow and back-end database, to replicate the functionality of the current tool, in terms of the process described above. The new tool will be hosted on the MOD Cloud (see supplementary information attached to the PQQ). Further enhancements to extend the functionality to other areas (including secure by design in product/system design and development) will be sought through the ITT process including, but not limited to, those which might offer updates on the cyber security status of particular suppliers. This is intended to be managed through a staged approach, building on the proven effective and stable operation of the baseline functionality. This requirement is specific to MOD needs, with wider Government having an interest in the output. A Commercial Exploitation Licence will be sought as part of the ITT to reflect this. Additional information: To view this notice, register as a supplier here: http://www.contracts.mod.uk/delta/signup.html?userType=supplier and search for the notice with reference 'UK-Corsham: Industry specific software package.'.

## Key Details

| Field | Value |
| --- | --- |
| Publication source | Contracts Finder |
| Latest notice | https://www.contractsfinder.service.gov.uk/Notice/21ed41ae-d412-4377-b099-367bc75e5f2d |
| Notice type | Tender Notice |
| Procurement type | Standard |
| Procurement category | Services |
| Procurement method | Selective |
| Procurement method details | Restricted procedure |
| Tender suitability | SME |
| Awardee scale | Not specified |
| All stages | Tender |

## Dates

| Field | Value |
| --- | --- |
| Publication date | 20 Nov 2019 |
| Submission deadline | 16 Dec 2019 |
| Future notice date | Not specified |
| Award date | Not specified |
| Contract period | 29 Apr 2020 - 29 Apr 2025 |
| Recurrence | Not specified |

## Values

| Field | Value |
| --- | --- |
| Tender value | £5,000,000 |
| Lots value | Not specified |
| Awards value | Not specified |
| Contracts value | Not specified |

## Status

| Field | Value |
| --- | --- |
| Tender status | Active |
| Lots status | Not specified |
| Awards status | Not specified |
| Contracts status | Not specified |

## Buyer

| Field | Value |
| --- | --- |
| Main buyer | MINISTRY OF DEFENCE, INFORMATION SYSTEMS AND SERVICES, ISS COMMERCIAL SOURCING TEAM |
| Locality | CORSHAM |
| Post town | Swindon |
| Postcode | SN13 9NR |
| Country | England |
| ITL 1 | TLK South West (England) |
| ITL 2 | TLK7 Gloucestershire and Wiltshire |
| ITL 3 | TLK72 Wiltshire |
| Local authority | Wiltshire |
| Electoral ward | Corsham Ladbrook |
| Westminster constituency | Chippenham |
| Delivery location | Not specified |

## CPV Codes

### Divisions

- 48 - Software package and information systems

### Codes

- 48100000 - Industry specific software package

## Release History

- 20 Nov 2019 at 18:40 - Tender - Tender Notice - https://www.contractsfinder.service.gov.uk/Notice/21ed41ae-d412-4377-b099-367bc75e5f2d

## Documents

- https://www.contractsfinder.service.gov.uk/Notice/21ed41ae-d412-4377-b099-367bc75e5f2d
  20th November 2019 - Opportunity notice on Contracts Finder

## Notice URLs

- http://www.contracts.mod.uk/delta/signup.html?userType=supplier

## Provenance

This Markdown file is an alternate public rendering of the D3 Tenders contract record. The canonical page is https://d3tenders.com/contract/?ocid=ocds-b5fd17-205fb3e6-f536-4294-9959-5221819edce8. The underlying structured data is available as OCDS JSON at https://d3tenders.com/contract/ocds-b5fd17-205fb3e6-f536-4294-9959-5221819edce8.json.