--- title: "Small Business Research Initiative (SBRI) : Reducing Public Sector Risk through Culture Change (Phase One)" ocid: "ocds-b5fd17-dedefe8b-597d-491b-bdab-8eac5dac89b8" canonical_url: "https://d3tenders.com/contract/?ocid=ocds-b5fd17-dedefe8b-597d-491b-bdab-8eac5dac89b8" markdown_url: "https://d3tenders.com/contract/ocds-b5fd17-dedefe8b-597d-491b-bdab-8eac5dac89b8.md" json_url: "https://d3tenders.com/contract/ocds-b5fd17-dedefe8b-597d-491b-bdab-8eac5dac89b8.json" source: "Contracts Finder" current_stage: "Tender" buyer: "CABINET OFFICE" published: "2021-10-19" --- # Small Business Research Initiative (SBRI) : Reducing Public Sector Risk through Culture Change (Phase One) Buyer: CABINET OFFICE Current stage: Tender OCID: ocds-b5fd17-dedefe8b-597d-491b-bdab-8eac5dac89b8 [View canonical contract page](https://d3tenders.com/contract/?ocid=ocds-b5fd17-dedefe8b-597d-491b-bdab-8eac5dac89b8) [Download OCDS JSON](https://d3tenders.com/contract/ocds-b5fd17-dedefe8b-597d-491b-bdab-8eac5dac89b8.json) ## Summary The Cabinet Office is currently conducting a tender for the project titled "Small Business Research Initiative (SBRI): Reducing Public Sector Risk through Culture Change (Phase One)." This procurement process, classified under the industry category of security software package and research and development services, is taking place in London, England. The tender period is open until 8th November 2021, with a contract expected to commence on 29th November 2021 and last until 7th March 2022. The total funding available for this phase is up to £400,000, with individual project contracts valued up to £60,000. The procurement method is an open procedure, aimed at inviting a range of suppliers to contribute their expertise. This tender presents significant opportunities for small businesses, particularly those involved in security software development, risk management consultancy, and related sectors. Companies with innovative solutions to enhance security culture in public sector organisations would be particularly well-suited to apply. The Cabinet Office encourages applications from small, woman-owned, and ethnic minority-owned businesses, underlining its commitment to diverse participation. Engaging in this initiative not only enables businesses to showcase their capacities but also fosters growth through potential follow-on contracts in the second phase of the programme, which focuses on the practical field testing and commercialisation of successful interventions. ## Notice Security is seen as complicated or confusing by many people, or even as a blocker or impediment to working. Security is rarely promoted as an enabler or core business outside the security practitioner community. The public sector needs to better enable our people to reduce and manage risk, where 'our people' are defined as users (anyone who uses government official IT) and practitioners (those responsible for managing and delivering security in an organisation), and where 'risk' is defined as "the harm arising from potential loss, damage or compromise of government assets." We know that organisational cultures can be a powerful influence on how people act in the workplace, where 'culture' is defined as "shared values (what is important) and beliefs (how things work) that interact with an organisation's structures and control systems to produce behavioural norms (the way we do things around here)." We want to validate or disprove the following hypotheses: A) Promoting appropriate culture(s) is an effective lever in reducing and managing risk; B) Human Factors -including organisational climate and culture- play a critical role in our cross government risk posture today; C) It is feasible to develop a holistic methodology or capability that can assess and monitor the health of the Human Factors landscape - including organisational climate and culture - across a public sector organisation in near real time; D) It is feasible to develop a single methodology or capability to assess and monitor the health of the Human Factors landscape - including organisational climate and culture - across government in near real time; E) Although several aspects of culture are interrelated, it adds value to target 'cyber culture' separately from 'organisational culture' or 'security culture' (where "security culture" is defined as 'The set of values, beliefs and assumptions, shared by everyone in an organisation, which determine how people are expected to think about and approach physical, personnel, technical and cyber security'); F) Leadership (senior leaders as well as local line managers) attitudes and behaviours are the single greatest factor which drive an organisation's risk posture, and therefore represents the greatest value for risk interventions; G) Risk interventions applicable to government departments are also applicable to other public sector organisations such as local authorities, education and healthcare arm lengths bodies; H) Appropriate security cultures require the organisation to improve people's capability and opportunity to work securely, as well as their attitudes and motivation. I) Interventions which reduce high risk behaviours (e.g. reduced IT security violations) can be measured in near real-time, quantitatively and qualitatively. Additional information: Over 12 weeks, Phase One invites potentially multiple suppliers to: 1) validate or disprove as many of our nine hypotheses as possible and; 2) develop, prototype and test systematic interventions or groups of interventions to reduce risk, and; 3) propose implementation measures and outcome measures of the effectiveness for these intervention(s). User Need Our users need to be able to: A) implement your intervention(s) quickly, cheaply and easily; B) measure the effectiveness of your intervention(s) on reducing risk in near real time; C) integrate your intervention(s) seamlessly with existing business processes and initiatives; D) monitor the impact of your intervention(s) on risk across diverse public sector organisations. Other Information: Contract Structure The overall programme will be delivered over two phases; this contract is for the first phase (Phase One). Up to PS400,000 (including VAT) is allocated to Phase One of the competition, with potentially a number of simultaneous technical feasibility study contracts awarded of up to PS60,000k (including VAT) per project for up to 12 weeks. Phase Two will award research and development contracts to Phase One project partners to deliver a "private beta" or field testing of the prototype developed in Phase One with a small group of controlled users. The intended outcome of Phase Two is that we have field tested what will turn into a centrally delivered service that improves delivery in departments/ public sector organisations. We target awarding up to three Phase Two contracts of up to PS200,000 each (including VAT) for up to 12 months of research, development and prototyping. The contract will terminate at the end of Phase Two, and the chosen business will be expected to pursue commercialisation of their solution. Suppliers will retain intellectual property developed during the contract, but foreground and necessary background IP to exploit the solution must be available to license on equitable, non-royalty terms by the government. Who is Eligible Applicants must be legal entities with strong ties to the UK. The contract that will be signed is a non-negotiable pre-market procurement instrument used in other SBRI competitions. Small businesses and woman- and ethnic minority-owned businesses are particularly encouraged to apply. Q&A We will offer two 60 minute virtual Q&A sessions on Wednesday 27th October at 14.00 - 15.00 and Wednesday 3rd November from 15.00 - 16.00 with interested suppliers to answer questions about the tender. Please register by emailing: gsf.governance@cabinetoffice.gov.uk ## Key Details | Field | Value | | --- | --- | | Publication source | Contracts Finder | | Latest notice | https://www.contractsfinder.service.gov.uk/Notice/9d51e667-05e5-48d1-addf-cda1653f961c | | Notice type | Tender Notice | | Procurement type | Standard | | Procurement category | Services | | Procurement method | Open | | Procurement method details | Open procedure (below threshold) | | Tender suitability | SME, VCSE | | Awardee scale | Not specified | | All stages | Tender | ## Dates | Field | Value | | --- | --- | | Publication date | 19 Oct 2021 | | Submission deadline | 8 Nov 2021 | | Future notice date | Not specified | | Award date | Not specified | | Contract period | 29 Nov 2021 - 7 Mar 2022 | | Recurrence | Not specified | ## Values | Field | Value | | --- | --- | | Tender value | £400,000 | | Lots value | Not specified | | Awards value | Not specified | | Contracts value | Not specified | ## Status | Field | Value | | --- | --- | | Tender status | Active | | Lots status | Not specified | | Awards status | Not specified | | Contracts status | Not specified | ## Buyer | Field | Value | | --- | --- | | Main buyer | CABINET OFFICE | | Locality | LONDON | | Post town | South West London | | Postcode | SW1A 2AS | | Country | England | | ITL 1 | TLI London | | ITL 2 | TLI3 Inner London - West | | ITL 3 | TLI35 Westminster and City of London | | Local authority | Westminster | | Electoral ward | St James's | | Westminster constituency | Cities of London and Westminster | | Delivery location | Not specified | ## CPV Codes ### Divisions - 48 - Software package and information systems - 73 - Research and development services and related consultancy services - 75 - Administration, defence and social security services ### Codes - 48730000 - Security software package - 73000000 - Research and development services and related consultancy services - 75241000 - Public security services ## Release History - 19 Oct 2021 at 13:04 - Tender - Tender Notice - https://www.contractsfinder.service.gov.uk/Notice/9d51e667-05e5-48d1-addf-cda1653f961c ## Documents - https://www.contractsfinder.service.gov.uk/Notice/9d51e667-05e5-48d1-addf-cda1653f961c 19th October 2021 - Opportunity notice on Contracts Finder - https://www.contractsfinder.service.gov.uk/Notice/Attachment/2484b47e-b041-4949-baab-1a3174dc3129 Authority Contract - https://www.contractsfinder.service.gov.uk/Notice/Attachment/13eee66a-5e7c-4aa6-8400-beb37ca3589a Invitation To Tender - https://www.contractsfinder.service.gov.uk/Notice/Attachment/1fdc77ab-95f7-41de-bae9-90a6f1713015 Competition Brief Template - https://www.contractsfinder.service.gov.uk/Notice/Attachment/e2caf776-d916-4cd6-9b11-3549d6d35db2 Guidance Notes - https://www.contractsfinder.service.gov.uk/Notice/Attachment/e67fe980-c8c9-407e-b947-3ce6a6b358db Application Form - https://www.contractsfinder.service.gov.uk/Notice/Attachment/ef5a8871-e4d3-431b-b91b-483fd6311935 SBRI FAQs - https://www.contractsfinder.service.gov.uk/Notice/Attachment/1b707f8c-fc60-4972-b8e9-f5b6f3d78a66 Assessor Guidance ## Notice URLs - https://www.gov.uk/government/collections/government-security ## Provenance This Markdown file is an alternate public rendering of the D3 Tenders contract record. The canonical page is https://d3tenders.com/contract/?ocid=ocds-b5fd17-dedefe8b-597d-491b-bdab-8eac5dac89b8. The underlying structured data is available as OCDS JSON at https://d3tenders.com/contract/ocds-b5fd17-dedefe8b-597d-491b-bdab-8eac5dac89b8.json.