--- title: "DDaT21551 - URKI Identity & Access Management" ocid: "ocds-h6vhtk-0303bd" canonical_url: "https://d3tenders.com/contract/?ocid=ocds-h6vhtk-0303bd" markdown_url: "https://d3tenders.com/contract/ocds-h6vhtk-0303bd.md" json_url: "https://d3tenders.com/contract/ocds-h6vhtk-0303bd.json" source: "Find A Tender Service" current_stage: "Tender" buyer: "UK RESEARCH AND INNOVATION" published: "2021-12-20" --- # DDaT21551 - URKI Identity & Access Management Buyer: UK RESEARCH AND INNOVATION Current stage: Tender OCID: ocds-h6vhtk-0303bd [View canonical contract page](https://d3tenders.com/contract/?ocid=ocds-h6vhtk-0303bd) [Download OCDS JSON](https://d3tenders.com/contract/ocds-h6vhtk-0303bd.json) ## Summary The procurement process is being led by UK Research and Innovation (UKRI), located at Polaris House, North Star Avenue, Swindon, United Kingdom. The tender, titled "DDaT21551 - URKI Identity & Access Management," falls under the IT services category, specifically focused on consulting, software development, Internet services, and support. This open procedure tender is currently at the Award stage, with a bid submission deadline set for 4th February 2022 at 14:00. The total contract value is £15 million, with an initial period of two years and the potential for extensions up to five years. This tender presents significant opportunities for IT services companies specialising in identity governance and access management solutions. Businesses that have expertise in software development, cybersecurity, and user experience optimisation would be particularly well-suited to compete for this contract. Engaging in this procurement process can enable companies to expand their portfolios, increase visibility in the public sector, and establish long-term relationships with a major government body, thus fostering sustained business growth. ## Notice UKRI Identity & Access Management Solution ### Lot Information Lot 1 The final date and time for the submission of bids is 04/02/2022 at 14:00 DO NOT apply directly to the buyer. All tender information MUST be submitted through the Delta eSourcing Portal. Brief Description of Requirement Launched in April 2018, UK Research and Innovation (UKRI) is a non-departmental public body sponsored by the Department for Business, Energy and Industrial Strategy (BEIS). UKRI brings together the nine councils, working together in innovative ways to deliver an ambitious agenda, drawing on our great depth and breadth of expertise and the enormous diversity of our portfolio. Through our councils we maintain and champion the creativity and vibrancy of disciplines and sector-specific priorities and communities. Our councils shape and deliver both sectoral and domain-specific support. We work with our stakeholders to understand the opportunities and requirements of all the different parts of the research and innovation landscape, maintaining the health, breadth, and depth of the system. The UKRI Digital, Data and Technology (DDaT) strategy has a vision to deliver services that maximise user productivity and empower effective decision making by unlocking UKRI business data and information. Flexible and Secure is one of the strategic themes of the DDaT strategy to provide the enterprise grade Security that ensures that our assets are protected, and our legal obligations are met. Identity Access Management (IAM) is the strategic initiative under Flexible and Secure theme of the DDaT strategy. Aims IAM Project Vision The vision for the UKRI IAM Project is 'to deliver a modern intelligent identity and access management platform which provides Identity Governance and Administration (IGA) and Access Management (AM) services that encompass the entire organisation.' To achieve the vision, the project will focus on delivering the following benefits: * Reduced Risk * Reduced Operational Costs * Improved User Experience * Improved Efficiency Objectives The objective of UKRI IAM Project is to deliver the strategic Identity Access Management (IAM) capabilities. To avoid ambiguity, the industry standard terminology is used to describe Identity Governance and Administration (IGA) and Access Management (AM) capabilities. The low-level requirements can be found in the "IAM Technical Compliance Requirements": Identity Governance and Administration (IGA) Identity Policy management Identity life cycle management Roles and Entitlements management Access requests and Workflow management Provisioning and Fulfilment Access certification Identity Governance and Auditing Identity analytics and reporting Access Management (AM) Support internal and external identities Directory and identity synchronization, including identity repository services User self-service capabilities, including registration, password management, profile management and delegated administration User authentication methods, multifactor authentication (MFA) and single sign-on (SSO) Support advanced user authentication methods, such as Fast IDentity Online (FIDO) and Passwordless authentication Authorisation and adaptive access Access orchestration for decision tree support of external authentication and authorization methods Support for UK AMF and modern identity protocols, such as Security Assertion Markup Language (SAML), OAuth, System for Cross-Domain Identity Management (SCIM) and OpenID Connect (OIDC). Access enforcement for standard and nonstandard target applications Proxy services, agents, or other mechanisms for nonstandard application enablement Session management Event logging, access analytics and reporting BYOI integration Developer self-service for application integrations and administration Project Implementation Approach As part of UKRI's 'Reforming Our Business' programme, a new environment has been created to deliver a single shared infrastructure for delivery of centralised unified IT services for the whole of UKRI. This environment is often referred to as 'Greenfield' and currently contains Active Directory, Azure AD, Microsoft 365, and other services. The 'Business IT Unification' programme is migrating each of the councils from their legacy environments into the new 'Greenfield' environment. The IAM project adopts a simplified implementation approach, which benefits other strategic UKRI programmes/projects. The project is able to use internal UKRI resources to help the suppliers throughout the implementation phases. The following table illustrates a phased approach for Financial Year 1 (2022-23), which is flexible. Bidders are encouraged to provide alternate implementation path that satisfies "IAM Technical Compliance Requirements". Implementation Area Phase 1 (July 2022) Phase 2 (October 2022) Phase 3 (February 2023) Greenfield / Non-Greenfield Greenfield Greenfield Greenfield and Non-Greenfield User Population 3000 internal users 5000 external users Additional 3500 internal users Additional 10000 external users Additional 3500 internal users (total 10,000 users) Additional 15000 external users (total 30,000 users) Identity Governance and Administration (IGA) Build IGA Foundational capabilities Build a central identity vault Authoritative sources integration for identities having HR record (Oracle HR and Workday) Authoritative sources integration for identities NOT having HR record (AD, Azure AD) Automatic provisioning of accounts to Greenfield AD and Azure AD Lifecycle management of users (New Joiners and Leavers) Support integration of identity vault with UKRI Staff Directory service Authoritative sources integration for identities from various sources requiring manual data feed (Supplier will configure 1 source per data feed pattern) Guest Users management Roles and entitlements management of Greenfield apps (supplier will configure 2 apps per pattern) Access Catalogue, Access requests, workflows and automatic provisioning/deprovisioning of access (supplier will configure 2 apps per pattern) Automatic provisioning of accounts to council-specific AD domains (maximum 2) and council-specific Azure AD tenants (maximum 2) ServiceNow CMDB integration Lifecycle management of users (Movers) Access recertification Roles and entitlements management of Non-Greenfield apps (supplier will configure 2 apps per integration pattern) Automatic provisioning of accounts to council-specific AD domains (maximum 2) and council-specific Cloud tenants (maximum 2) ServiceNow Ticketing integration Segregation of Duties and Toxic combinations Access Management (AM) Build Access Management Foundational capabilities Integration of selected pilot apps (maximum 5) with Access Management foundational capabilities Integration of selected Greenfield apps (Supplier will configure 2 apps per integration pattern) with Access Management foundational capabilities Integration of selected Non-Greenfield apps (Supplier will configure 2 apps per integration pattern) with Access Management foundational capabilities Please ensure you review all attached information to ensure a full understanding of this requirement. All attachments can be found with the Document Uploads tab within the Delta eSourcing Portal and in the associated Contracts Finder Notice. This contract will be awarded based on the evaluation criteria as set out in the RFP document. How to Apply UK Shared Business Services Ltd (UK SBS) will be using the Delta eSourcing Portal for this procurement. To register on the Delta eSourcing portal please use the link https://www.delta-esourcing.com/ and follow the instructions to register. If you are already registered on the Delta eSourcing Portal and wish to participate in this procurement, please use the link: https://www.delta-esourcing.com/ and the follow the instructions to 'Log in' Once you are logged into the system you will be able to link yourself into this procurement using the Access Code: 5DJDP8WMVM The contract shall be in operation for an initial period of 2 years with the option to extend +1 +1 + 1, for a total of 5 years. Renewal: The contract can be extended on an annual basis till 2027. ## Key Details | Field | Value | | --- | --- | | Publication source | Find A Tender Service | | Latest notice | https://www.find-tender.service.gov.uk/Notice/031863-2021 | | Notice type | Tender Notice | | Procurement type | Standard | | Procurement category | Services | | Procurement method | Open | | Procurement method details | Open procedure | | Tender suitability | Not specified | | Awardee scale | Not specified | | All stages | Tender | ## Dates | Field | Value | | --- | --- | | Publication date | 20 Dec 2021 | | Submission deadline | 4 Feb 2022 | | Future notice date | Not specified | | Award date | Not specified | | Contract period | 21 Mar 2022 - 20 Mar 2024 | | Recurrence | Not specified | ## Values | Field | Value | | --- | --- | | Tender value | £15,000,000 | | Lots value | £15,000,000 | | Awards value | Not specified | | Contracts value | Not specified | ## Status | Field | Value | | --- | --- | | Tender status | Active | | Lots status | Active | | Awards status | Not specified | | Contracts status | Not specified | ## Buyer | Field | Value | | --- | --- | | Main buyer | UK RESEARCH AND INNOVATION | | Locality | SWINDON | | Post town | Swindon | | Postcode | SN2 1FF | | Country | England | | ITL 1 | TLK South West (England) | | ITL 2 | TLK7 Gloucestershire and Wiltshire | | ITL 3 | TLK71 Swindon | | Local authority | Swindon | | Electoral ward | Rodbourne Cheney | | Westminster constituency | Swindon North | | Delivery location | Not specified | ## CPV Codes ### Divisions - 72 - IT services: consulting, software development, Internet and support ### Codes - 72000000 - IT services: consulting, software development, Internet and support ## Release History - 20 Dec 2021 at 23:09 - TenderUpdate - Tender Notice - https://www.find-tender.service.gov.uk/Notice/031863-2021 - 20 Dec 2021 at 16:09 - Tender - Tender Notice - https://www.find-tender.service.gov.uk/Notice/031814-2021 ## Notice URLs - http://www.uksbs.co.uk/services/procure/contracts/Pages/default.aspx - https://uksbs.delta-esourcing.com/ - https://www.delta-esourcing.com/ - https://www.ukri.org/ - https://www.uksbs.co.uk/pages/default.aspx ## Provenance This Markdown file is an alternate public rendering of the D3 Tenders contract record. The canonical page is https://d3tenders.com/contract/?ocid=ocds-h6vhtk-0303bd. The underlying structured data is available as OCDS JSON at https://d3tenders.com/contract/ocds-h6vhtk-0303bd.json.