WATER SERVICES REGULATION AUTHORITY
Security Penetration and IT Health Check
This sits below the typical range for IT Services contracts — a smaller, more accessible award. Based on 36,449 valued IT Services tenders in our corpus.
The objective is to ensure that Ofwat has a secure, robust and managed network infrastructure in place that satisfies the NCSC and their PSN accreditation and Ofwat's Internal Auditors.
Scope The areas of expertise or services that we may require are: • CLAS consultants with expertise in accrediting organisations to the PSN; • Penetration testing and system health checks (compliant to security standards and NCSC's CHECK service); • Phishing simulation program; • Computer and server forensics; • Auditing; • Security policy advice and support (and any legal interfaces); • Information risk, the information assurance maturity model (IAMM) and the information risk return to Cabinet Office (that now includes the Security Policy Framework [SPF] return); • HMG Cyber security initiatives; • Network Access Security; • Boundary security and remote working security; • Encryption of information assets at rest; • Mobile device security; • Email encryption and web security; • Website security; • Business continuity; • Cloud security principles and their implementation; • Security strategy and vision; and • Training and education across the areas listed above.
For the support service we require an agreement where we can contact the supplier and request help on one or more of the areas above.
Some of these services may be required at short notice although the Customer will endeavour to give a minimum two weeks notice of any requirement.
We currently have a known requirement for biannual security penetration and IT health checks to be conducted in January and June each year.
This is currently a mandatory requirement for our PSN accreditation process.
We would require the agreement to include at least the minimum number of days required to conduct two IT Health check and penetration tests each year plus an additional 4 days that may be called on for any of the areas listed above. (A sampling approach is acceptable when considering the penetration testing of its laptop population as all models are the same make and model and have a similar configuration).
What the supplier must deliver
The objective is to ensure that Ofwat
The objective is to ensure that Ofwat has a secure, robust and managed network infrastructure in place that satisfies the NCSC and their PSN accreditation and Ofwat's Internal Auditors.
• Security policy advice and support (
• Security policy advice and support (and any legal interfaces);.
For the support service we require
For the support service we require an agreement where we can contact the supplier and request help on one or more of the areas above.
We would require the agreement to include
We would require the agreement to include at least the minimum number of days required to conduct two IT Health check and penetration tests each year plus an additional 4 days that may be called on for any of the areas listed above.
Derived from the notice text — always confirm against the original documents.
Skills, tools & certifications
Detected from the notice — the capabilities and credentials this bid calls for. Click one to see who wins that work.
Make the case to bid
Reveal who to approach at WATER SERVICES REGULATION AUTHORITY, and generate a go-to-market strategy from their news, accounts and people.
- OCID
- 40d5b5b5-42dc-4ba8-8534-3b2d2353fe33
- Stage
- contract · Contract
- Source
- Contracts Finder
- Buyer ref
- PROC.02.0134
Contains public sector information licensed under the Open Government Licence v3.0. Source data © Crown copyright.
Who wins this kind of work
The suppliers and buyers around this opportunity — drawn from official award data. Drag to orbit; click a node to explore.
Top suppliers & buyers in IT Services
Assembling the market network…
WATER SERVICES REGULATION AUTHORITY’s tender network
Assembling the network…
Similar open tenders
SPS-02269 - SPS IT Health Check and Cyber Essentials Framework Agreement
Scottish Prison Service
Cyber Security Services 3 Extension Notice
The Minister for the Cabinet Office acting through Crown Commercial Service