Section one: Contracting authority
one.1) Name and addresses
The Financial Ombudsman Service Limited
Exchange Tower, Harbour Exchange Square,
London
E14 9SR
procurement.enquiries@financial-ombudsman.org.uk
Telephone
+44 2037169072
Country
United Kingdom
Region code
UKI - London
Internet address(es)
Main address
https://www.financial-ombudsman.org.uk
one.3) Communication
The procurement documents are available for unrestricted and full direct access, free of charge, at
https://procurement.financial-ombudsman.org.uk/web/login.html
Additional information can be obtained from the above-mentioned address
Tenders or requests to participate must be submitted electronically via
https://procurement.financial-ombudsman.org.uk/web/login.html
Tenders or requests to participate must be submitted to the above-mentioned address
one.4) Type of the contracting authority
Body governed by public law
one.5) Main activity
Economic and financial affairs
Section two: Object
two.1) Scope of the procurement
two.1.1) Title
Security Operations Centre (SOC)
two.1.2) Main CPV code
- 72000000 - IT services: consulting, software development, Internet and support
two.1.3) Type of contract
Services
two.1.4) Short description
The Financial Ombudsman Service intends to place a contract for the provision of a managed Security Operations Centre (SOC) service to provide the following:
1. Provision of a modern and fit-for-purpose SOC capability operating 24 hours a day, 7 days a week, 365 days a year (working in concert with the Financial Ombudsman Service’s cyber security team);
2. Undertake standard security operations functions including:
a) Performing triage of security incidents, core security incident response, and escalation activities (we refer to these as level 1 and 2 activities);
b) Tuning/configuration of the Security Information & Event Management (SIEM) solution and associated Security Orchestration, Automation & Response (SOAR) capabilities;
c) Responding to threat intelligence and performing proactive threat hunting;
d) Management, investigation, and resolution of critical/major security incidents including digital forensics as required; and
e) Conducting process improvement activities to improve the effectiveness of the SOC.
3. Provision of cyber security resources on demand to augment the Financial Ombudsman Service's team on an ad-hoc basis. These resources maybe involved in project or business as usual activities.
two.1.5) Estimated total value
Value excluding VAT: £900,000
two.1.6) Information about lots
This contract is divided into lots: No
two.2) Description
two.2.2) Additional CPV code(s)
- 72400000 - Internet services
- 72500000 - Computer-related services
- 72600000 - Computer support and consultancy services
two.2.3) Place of performance
NUTS codes
- UKI - London
two.2.4) Description of the procurement
The Financial Ombudsman Service intends to place a contract for the provision of a managed Security Operations Centre (SOC) service to provide the following:
1. Support of the existing SOC team to enable a modern and fit-for-purpose SOC capability operating 24 hours a day, 7 days a week, 365 days a year.
We are looking for a supplier that can provide a SOC capability that functions over a 24-hour period, 7 days a week, 365 days a year.
2. Undertake standard security operations functions including:
a) Performing triage of security incidents, core security incident response, and escalation activities (we refer to these as level 1 and 2 activities);
b) Tuning/configuration of the Security Information & Event Management (SIEM) solution and associated Security Orchestration, Automation & Response (SOAR) capabilities; and
c) Responding to threat intelligence and performing proactive threat hunting.
The SOC service will tune and configure our SIEM tool on an ongoing basis. We expect the supplier to maintain an up to date knowledge of industry best practices and threat intelligence sources to inform the tuning and configuration process.
In addition to this, we require the SOC capability to monitor and respond to alerts from the SIEM solution and manage any related incidents, liaising with the Financial Ombudsman Service team where required.
3. Management, investigation, and resolution of critical/major security incidents, including digital forensics as required.
If we suffer a major security incident, we may ask the supplier to assist with the management, investigation, and resolution of it. This may involve attending the Financial Ombudsman Service’s offices.
4. Conducting agreed ongoing process improvement activities that will strengthen and improve the SOC’s ability to effectively detect and respond to the changing landscape of threats faced by the Financial Ombudsman Service and the financial services industry.
5. Provision of cyber security resources on demand to augment the Financial Ombudsman Service's team on an ad-hoc basis. These resources maybe involved in project or business as usual activities.
Provision of information security resources to augment our existing information security team, as called-off by us on an ad-hoc basis. These resources may be involved in project or business as usual activities in the Cyber Security area.
two.2.5) Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
two.2.6) Estimated value
Value excluding VAT: £900,000
two.2.7) Duration of the contract, framework agreement or dynamic purchasing system
Duration in months
36
This contract is subject to renewal
Yes
Description of renewals
A 3 year contract with the option to extend for a further 3 years in annual increments.
two.2.9) Information about the limits on the number of candidates to be invited
Envisaged number of candidates: 5
Objective criteria for choosing the limited number of candidates:
See procurement documents.
two.2.10) Information about variants
Variants will be accepted: No
two.2.11) Information about options
Options: No
two.2.13) Information about European Union Funds
The procurement is related to a project and/or programme financed by European Union funds: No
Section three. Legal, economic, financial and technical information
three.1) Conditions for participation
three.1.2) Economic and financial standing
Selection criteria as stated in the procurement documents
three.1.3) Technical and professional ability
Selection criteria as stated in the procurement documents
three.2) Conditions related to the contract
three.2.2) Contract performance conditions
As stated within the draft Terms and Conditions as issued with the tender documents.
Section four. Procedure
four.1) Description
four.1.1) Type of procedure
Restricted procedure
four.1.8) Information about the Government Procurement Agreement (GPA)
The procurement is covered by the Government Procurement Agreement: No
four.2) Administrative information
four.2.2) Time limit for receipt of tenders or requests to participate
Date
18 December 2023
Local time
5:00pm
four.2.3) Estimated date of dispatch of invitations to tender or to participate to selected candidates
22 January 2024
four.2.4) Languages in which tenders or requests to participate may be submitted
English
four.2.6) Minimum time frame during which the tenderer must maintain the tender
Duration in months: 6 (from the date stated for receipt of tender)
Section six. Complementary information
six.1) Information about recurrence
This is a recurrent procurement: No
six.2) Information about electronic workflows
Electronic invoicing will be accepted
Electronic payment will be used
six.4) Procedures for review
six.4.1) Review body
Financial Ombudsman Service
London
E14 9GE
procurement.enquiries@financial-ombudsman.org.uk
Country
United Kingdom