South East forces tender for information assurance contract
South East police forces have issued a joint tender for a framework agreement for information assurance services in a contract that will be worth up to £20 million.
Surreys police and crime commissioner (PCC) Kevin Hurley has issued the tender on behalf of the forces in the South East Regional Information Security Management Group, including British Transport Police, Civil Nuclear Constabulary, Essex Police, Hampshire Constabulary, Hertfordshire Constabulary, Kent Police, the Metropolitan Police Service, Surrey Police, Sussex Police and Thames Valley Police.
The contract is estimated to be worth between £10 million and £20 million.
The framework, which will have an initial term of two years with the option to extend for two further terms each of up to a years duration, will cover four lots.
The first lot is for penetration testing, including an annual IT health check. The Official Journal of the European Union notice states that this lot involves ethical hackers testing key elements of the system to provide assurances and advice around its security.
Lot two is for CESG Listed Adviser Scheme (CLAS) advice. CLAS consultants offer specialised advice regarding securing a solution to an acceptable CESG government standard. These consultants have been approved by CESG which also maintain their vetting, the notice states.
Lot three covers risk management accreditation document sets (RMADS) production. RMADS are required for systems holding restricted or greater data for accreditation. It is an information assurance standard stipulated by the Government to comply with its security policy framework and allows an accreditor to advise senior information risk owners (SIROs) on all risk that they may have to sign off.
Lot four is for a privacy impact assessment (PIA), a requirement under the Data Protection Act 2003 for any system that holds personal data.
The framework agreement is covered by the Government Procurement Agreement (GPA), which regulates the procurement of goods and services based on the principles of openness, transparency and non-discrimination.