Section one: Contracting authority/entity
one.1) Name and addresses
Department for Education
Sanctuary Buildings, 20, Great Smith Street
London
SW1P 3BT
Telephone
+44 12345678
Country
United Kingdom
NUTS code
UK - UNITED KINGDOM
Internet address(es)
Main address
https://www.gov.uk/government/organisations/department-for-education
one.6) Main activity
Other activity
Education
Section two: Object
two.1) Scope of the procurement
two.1.1) Title
Risk Protection Arrangement Cyber Risk Pilot: Cyber Essentials Certification
two.1.2) Main CPV code
- 66517300 - Risk management insurance services
two.1.3) Type of contract
Services
two.1.4) Short description
The DfE proposes to award a one-year contract to The IASME Consortium Ltd (IASME) to deliver a Cyber Essentials Certification pilot.
two.1.6) Information about lots
This contract is divided into lots: No
two.1.7) Total value of the procurement (excluding VAT)
Value excluding VAT: £299,649
two.2) Description
two.2.2) Additional CPV code(s)
- 72810000 - Computer audit services
- 80531200 - Technical training services
two.2.3) Place of performance
NUTS codes
- UK - UNITED KINGDOM
two.2.4) Description of the procurement
The contract will focus on the delivery of the Cyber Essentials Certification in a limited 1-year pilot for up to 500 Risk Protection Arrangement (RPA) members and will include enhanced insurance cover for those members achieving accreditation.
two.2.11) Information about options
Options: No
two.2.13) Information about European Union Funds
The procurement is related to a project and/or programme financed by European Union funds: No
Section four. Procedure
four.1) Description
four.1.1) Type of procedure
Award of a contract without prior publication of a call for competition in the cases listed below
- The procurement falls outside the scope of application of the regulations
Explanation:
The DfE proposes to award a contract to The IASME Consortium Ltd (IASME) for the supply of the Cyber Essentials Certification as part of the 1-year Risk Protection Arrangement Cyber Risk Pilot.
The DfE believes that there is no other organisation in the market that can satisfy the technical requirements of the contract to award the Cyber Essentials Certification. With effect from 1 April 2020 and following a competitive procurement process, IASME were appointed as the sole body able to award Cyber Essentials Certification, the only government-backed quality assured standard, on behalf of the National Cyber Security Centre (NCSC). It is understood that there is no equivalent certification to the Cyber Essentials scheme available on the market that meets the standards and controls that the NCSC dictates.
It is therefore believed that there is not a market to deliver Cyber Essentials, in that there is only one Cyber Essentials Partner (IASME) that can deliver the scheme and to fit the standards required by the NCSC. The RPA seeks to align to the NCSC assured and established standard, as the subject matter experts within Government to ensure a quality standard for RPA members.
As a result, the DfE believes that Public Contracts Regulations 2015, Regulation 32(2) applies.
Regulation 32(2) states:
“The negotiated procedures without prior publication may be used for public works contracts, public supply contracts and public service contracts in any of the following cases:-
(b) where the works, supplies or services can be supplied only by a particular economic operator for any of the following reasons:-
(ii) competition is absent for technical reasons…”
The DfE is committed to the continued analysis of the longer-term need of Risk Protection Arrangement members and will continue to assess the market after this time-limited pilot. If it is determined via this analysis that an equivalent certification to meet member needs is available and that the DfE intends to continue supporting Risk Protection Arrangement Members in this way, then any further contract will be competed in line with the Public Contract Regulations 2015. This project is to deliver a short, limited pilot that is not expected to have a long-term impact on the market.
four.1.8) Information about the Government Procurement Agreement (GPA)
The procurement is covered by the Government Procurement Agreement: Yes
Section five. Award of contract/concession
Contract No
1
Title
Risk Protection Arrangement Cyber Essentials Certification
A contract/lot is awarded: Yes
five.2) Award of contract/concession
five.2.1) Date of conclusion of the contract
25 January 2021
five.2.2) Information about tenders
The contract has been awarded to a group of economic operators: No
five.2.3) Name and address of the contractor/concessionaire
The IASME Consortium Ltd (IASME)
Wyche Innovation Centre, Upper Colwall, Malvern
Malvern
Country
United Kingdom
NUTS code
- UK - UNITED KINGDOM
The contractor/concessionaire is an SME
Yes
five.2.4) Information on value of contract/lot/concession (excluding VAT)
Initial estimated total value of the contract/lot/concession: £299,649
Total value of the contract/lot/concession: £299,649
five.2.5) Information about subcontracting
The contract/lot/concession is likely to be subcontracted
Value or proportion likely to be subcontracted to third parties
Value excluding VAT: £233,315
Section six. Complementary information
six.4) Procedures for review
six.4.1) Review body
High Court
Royal Courts of Justice, The Strand
London
WC2A 2LL
Country
United Kingdom
six.4.2) Body responsible for mediation procedures
High Court
Royal Courts of Justice, The Strand
London
WC2A 2LL
Country
United Kingdom
six.4.3) Review procedure
Precise information on deadline(s) for review procedures
If any clarification regarding the award of the contract has not been successfully resolved, the Public Contracts Regulations 2015 (SI 2015 No 102) provide for aggrieved parties who have been harmed or are at risk of harm by breach of the rules to take legal action.
Any such action must be brought within the applicable limitation period. If a contract has been entered into the Court may, depending on the circumstances, award damages, make a declaration of ineffectiveness, order the authority to pay a fine and/or order that the duration of the contract be shortened.