Section one: Contracting authority
one.1) Name and addresses
University of Glasgow
Procurement Office, Tay House
Glasgow
G12 8QQ
Contact
Stephen Otiende
Telephone
+44 1413304012
Fax
+44 0000000000
Country
United Kingdom
NUTS code
UKM82 - Glasgow City
Internet address(es)
Main address
Buyer's address
https://www.publiccontractsscotland.gov.uk/search/Search_AuthProfile.aspx?ID=AA00108
one.4) Type of the contracting authority
Body governed by public law
one.5) Main activity
Education
Section two: Object
two.1) Scope of the procurement
two.1.1) Title
PURCH2317 PROVISION OF A CONTRACT FOR MANAGED SECURITY SERVICES
Reference number
PURCH2317
two.1.2) Main CPV code
- 72212732 - Data security software development services
two.1.3) Type of contract
Services
two.1.4) Short description
PURCH2317 PROVISION OF A CONTRACT FOR MANAGED SECURITY SERVICES FOR THE PERIOD OF 3 YEARS WITH THE OPTION TO EXTEND FOR TWO PERIODS OF 12 MONTHS EACH WITH BREAKPOINTS AT EACH 12 MONTH INTERVAL.
Tender documents available from Public Contracts Scotland.
Tender returns should be submitted via Public Contracts Scotland, no paper copies will be accepted. Should paper tenders be submitted, they will be rejected. Further to this any questions or communications regarding individual tender exercises must be sent via the Public Contracts Scotland Portal. Tender queries received through any other channel will not be answered. Should users of Public Contracts Scotland have any problems with the web site they should contact website Support Desk, contact details can be found by following the ‘Contact Us’ option on the left hand menu at http://www.publiccontractsscotland.gov.uk/default.aspx
two.1.6) Information about lots
This contract is divided into lots: No
two.2) Description
two.2.3) Place of performance
NUTS codes
- UKM82 - Glasgow City
two.2.4) Description of the procurement
PURCH2317 PROVISION OF A CONTRACT FOR MANAGED SECURITY SERVICES FOR THE PERIOD OF 3 YEARS WITH THE OPTION TO EXTEND FOR TWO PERIODS OF 12 MONTHS EACH WITH BREAKPOINTS AT EACH 12 MONTH INTERVAL.
The UofG Information Security team establishes the policy, toolset, and oversight for robust defence against cyber threats. Cyber security alerts are generated around the clock, given the University's extensive online operations. The University has adopted Office 365 Education A5 Licensing and currently leverages Microsoft Sentinel as a SIEM and alerting tool. In addition to Sentinel's native and Microsoft 365 Defender alerts, we also incorporate Suricata IDS and select Windows log-based events. These are likewise accessible to UofG staff through the console.
We necessitate services encompassing Security Operations Centre with Microsoft XDR capabilities as well as an Incident Response retainer to bolster our cybersecurity posture.
A partner is required assist with the operations and engineering tasks associated with the monitoring of this system in a 24x7x365 fashion. Actioning agreed alerts according to UofG playbook specifications (this could include a wide range of responses including, isolation machine with malware, flagging email accounts as compromised, initiating remote forensic investigations)
We are also seeking a partner to provide additional Threat Hunting, Threat Intelligence and advice on security best practice and design for gathering further security telemetry from a diverse set of technologies such as additional server-based log sources, Sophos Central, Cisco Firepower and InfoBlox. To help us further increase our visibility and security posture.
We additionally require Incident Response capability to be offered via retainer.
Refer to ITT document for detailed specification.
two.2.5) Award criteria
Quality criterion - Name: Technical Capability / Weighting: 25%
Quality criterion - Name: Functionality / Weighting: 10%
Quality criterion - Name: Additional Services and Supplier Certifications / Weighting: 10%
Quality criterion - Name: Customer Access / Weighting: 10%
Quality criterion - Name: University Terms and Conditions / Weighting: 5%
Price - Weighting: 40%
two.2.11) Information about options
Options: No
two.2.13) Information about European Union Funds
The procurement is related to a project and/or programme financed by European Union funds: No
Section four. Procedure
four.1) Description
four.1.1) Type of procedure
Open procedure
four.1.8) Information about the Government Procurement Agreement (GPA)
The procurement is covered by the Government Procurement Agreement: Yes
four.2) Administrative information
four.2.1) Previous publication concerning this procedure
Notice number: 2023/S 000-031644
Section five. Award of contract
Contract No
PURCH2317
A contract/lot is awarded: No
five.1) Information on non-award
The contract/lot is not awarded
Other reasons (discontinuation of procedure)
Section six. Complementary information
six.3) Additional information
Once the deadline has passed submissions can neither be created nor submitted. It is not advisable for Suppliers to wait until the last moment before creating and dispatching a response in case of any last minute problems. Please note large files should be uploaded as early as possible to ensure transfer before deadline. If a Supplier is having problems uploading to the PCS site, then the University must be informed well in advance and depending upon the merit of the case, the University may arrange for the tender to remain open on the PCS system for a short period after the deadline time stated. System problems do not fall under the University’s remit and should be referred to PCS.
Postbox Security: Postbox submissions cannot be accessed by anyone, including Millstream, (the provider of the Public Contracts Scotland system) until the deadline.
Freedom of Information
The Freedom of Information (Scotland) Act 2002 (FOISA), which came into force on 1 January 2005, designates University of Glasgow as a Scottish public authority and therefore subject to the provisions and obligations in that Act. This means that any person who makes a valid request for information held by University of Glasgow will be entitled to receive it, unless all or part of that information can be withheld by virtue of the exemptions in that Act.
under the Act, University of Glasgow may be required to disclose any information held relating to your response to anyone who makes a request under that Act. Such information may only be withheld if it meets one or more of the exemptions or conditions in that Act. Even if an exemption is available University of Glasgow may nevertheless disclose requested information. Information held cannot simply be classified as “confidential" or "commercial in confidence" to enable it to be protected from disclosure.
University of Glasgow may publish the names and contact details of companies who have been issued with a Questionnaire on its website.
Information may also be requested under the UK General Data Protection Regulation (UK GDPR) tailored by the Data Protection Act 2018 and the Environmental Information (Scotland) Regulations 2004.
(SC Ref:761542)
six.4) Procedures for review
six.4.1) Review body
Glasgow Sheriff Court & Justice of the Peace Court
1 Carlton Place
Glasgow
G5 9TW
Country
United Kingdom