--- title: "Cyber Security Testing Services" ocid: "ocds-r6ebe6-0000778856" canonical_url: "https://d3tenders.com/contract/?ocid=ocds-r6ebe6-0000778856" markdown_url: "https://d3tenders.com/contract/ocds-r6ebe6-0000778856.md" json_url: "https://d3tenders.com/contract/ocds-r6ebe6-0000778856.json" source: "Public Contracts Scotland" current_stage: "Award" buyer: "SCOTTISH GOVERNMENT" published: "2024-09-25" --- # Cyber Security Testing Services Buyer: SCOTTISH GOVERNMENT Current stage: Award OCID: ocds-r6ebe6-0000778856 [View canonical contract page](https://d3tenders.com/contract/?ocid=ocds-r6ebe6-0000778856) [Download OCDS JSON](https://d3tenders.com/contract/ocds-r6ebe6-0000778856.json) ## Summary The Scottish Government has awarded a contract for cyber security testing services under its Dynamic Purchasing System (DPS) for Digital Technology Services, specifically Lot 4 Cyber Security and Resilience Services. The awarded contract, signed on 13th September 2024, focuses on providing quality-assured security testing, including annual IT health checks and ad-hoc security tests at key project milestones. The buying organisation is the Scottish Government, with the primary delivery location being Victoria Quay, The Shore, Edinburgh, although services will predominantly be provided remotely. The procurement method used was an open procedure, and the contract is valued at GBP 3,000,000. A key deadline for note was the award notice published on 25th September 2024. This tender presents significant growth opportunities for businesses specialising in cyber security services, particularly those that are NCSC CHECK approved and capable of deploying security testing tools across diverse IT environments like Microsoft Azure and Amazon AWS. The requirement for subcontracting (up to 25% of the contract value, estimated at GBP 750,000) also opens up potential partnerships for smaller firms. Companies experienced in providing both routine and ad-hoc IT security tests and those capable of meeting the Scottish Government’s comprehensive requirements will find this tender particularly well-suited. ## Notice The Scottish Ministers, on behalf of The Scottish Government have a requirement to engage with a partner to secure a service provider that will provide quality-assured security testing services and will have the scale and flexibility to accommodate both longer-term routine (e.g. annual) Information Technology (IT) operational health checks, as well as more frequent point-in-time security tests at key project milestones throughout the contract. ### Lot Information Lot 1 1.1 The Scottish Ministers, on behalf of The Scottish Government and hereafter referred to as the Purchaser, is seeking to establish an agreement for the provision of cyber security testing services. The contract shall undertake these services across a range of programmes which support our Digital Strategy and Cyber Resilient Strategic Framework. The successful Service Provider MUST be NCSC CHECK approved as the services will cover a wide variety of Scottish Government applications, platforms, and network types A Contract is required to cover the following service scope as a minimum and as further detailed in the Statement of Requirements: A. Cyber security testing which must comply with NCSC and UK Government guidance for cyber security testing and in line with the CHECK scheme. B. Deploy testing tools, either locally or remotely (as appropriate), to a wide variety of on-premise and cloud environments (e.g. Microsoft 365, Microsoft Azure, Amazon AWS, Google Cloud Platform, Oracle Cloud Infrastructure, etc). C. Provide CHECK level security testing. D. Cyber Security Red Teaming.. Requirement has been called off from the Scottish Governments Dynamic Purchasing System (DPS) for Digital Technology Services under Lot 4 Cyber Security and Resilience Services. ## Key Details | Field | Value | | --- | --- | | Publication source | Public Contracts Scotland | | Latest notice | https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=SEP514938 | | Notice type | PCS Notice - Website Contract Award Notice | | Procurement type | Standard | | Procurement category | Services | | Procurement method | Open | | Procurement method details | Open procedure | | Tender suitability | Not specified | | Awardee scale | SME | | All stages | Award | ## Dates | Field | Value | | --- | --- | | Publication date | 25 Sep 2024 | | Submission deadline | Not specified | | Future notice date | Not specified | | Award date | 13 Sep 2024 | | Contract period | Not specified | | Recurrence | Not specified | ## Values | Field | Value | | --- | --- | | Tender value | Not specified | | Lots value | Not specified | | Awards value | Not specified | | Contracts value | £3,000,000 | ## Status | Field | Value | | --- | --- | | Tender status | Complete | | Lots status | Complete | | Awards status | Not specified | | Contracts status | Active | ## Buyer | Field | Value | | --- | --- | | Main buyer | SCOTTISH GOVERNMENT | | Locality | GLASGOW | | Post town | Glasgow | | Postcode | G2 8LU | | Country | Scotland | | ITL 1 | TLM Scotland | | ITL 2 | TLM3 West Central Scotland | | ITL 3 | TLM32 Glasgow City | | Local authority | Glasgow City | | Electoral ward | Anderston/City/Yorkhill | | Westminster constituency | Glasgow North | | Delivery location | TLM75 City of Edinburgh | ## Supplier | Field | Value | | --- | --- | | Number of suppliers | 1 | | Supplier names | COMMISSUM | ## CPV Codes ### Divisions - 72 - IT services: consulting, software development, Internet and support ### Codes - 72222300 - Information technology services ## Release History - 25 Sep 2024 at 00:00 - Award - PCS Notice - Website Contract Award Notice - https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=SEP514938 ## Documents - https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=SEP514938 Cyber Security Testing Services - The Scottish Ministers, on behalf of The Scottish Government have a requirement to engage with a partner to secure a service provider that will provide quality-assured security testing services and will have the scale and flexibility to accommodate both longer-term routine (e.g. annual) Information Technology (IT) operational health checks, as well as more frequent point-in-time security tests at key project milestones throughout the contract. ## Notice URLs - http:// - http://www.commissum.com - http://www.scotcourts.gov.uk/the-courts/sheriff-court/find-a-court - http://www.scotland.gov.uk - https://api.publiccontractsscotland.gov.uk/v1/Notice?id=ocds-r6ebe6-0000778856 ## Provenance This Markdown file is an alternate public rendering of the D3 Tenders contract record. The canonical page is https://d3tenders.com/contract/?ocid=ocds-r6ebe6-0000778856. The underlying structured data is available as OCDS JSON at https://d3tenders.com/contract/ocds-r6ebe6-0000778856.json.