1. Home
  3. DPS marketplace
Cyber Security Services 3 DPS

Clarifications

There are 131 clarifications for this DPS

120. Good Morning, We have a subcontractor based in the Netherlands, they have do not have a UK residency. They are wholly owned by another company who do have a UK residency. We are going to input the UK address of that company, but in regards to company number and details, should it be the company based in the UK or the company based in the Netherlands? Thanks!
As stated in the DPS needs document you must disclose details for all subcontractors who directly contribute to your ability to meet your obligations under the DPS agreement, if this is the company based in the UK these are the details you will need to include within your submission
Answered
13/02/2023 13:10
119. Good Evening, I've asked a previous question about whether an ISO 2007 supersedes the need for a cyber essentials certificate. In the answer, we were told that cyber essentials is mandatory but an ISO 2007 supersedes the need. Are you please able to confirm if we will be able to complete a successful application with only an ISO 2007 certification. Thankyou.
With regards to equivalence and subsequent acceptance, we refer you to the Procurement Policy Note 09/14 (Cyber Essential scheme certification). Please refer to Annex A & C (of the PPN) which covers the key requirements and provides an overview of equivalence specific to those organisations holding ISO 27001 certification.
Answered
02/02/2023 11:08
118. Regarding Joint Schedule 8 Article 2.1, the guarantee does not have a limit of amount. In paragraph 2.2. of the template it states that The Guarantor irrevocably and unconditionally undertakes upon demand to pay to the Beneficiary all monies and liabilities which are now or at any time hereafter shall have become payable by the Supplier to the Beneficiary under or in connection with the Guaranteed Agreement or in respect of the Guaranteed Obligations as if it were a primary obligor. Could there be a limit please? Two times the value of the contract for example?
CCS does not agree, the schedule and clause shall remain as drafted.
Answered
31/01/2023 16:18
117. Is a cyber essentials certificate required if we have a ISO 27001 Certification instead. Or is the cyber essentials certificate required regardless? Thank you
The Cyber Essentials Scheme (set of controls) is mandatory, however as detailed in PCR 2015 suppliers can offer alternative certification to evidence they have achieved these controls. ISO 27001 is a suitable alternative, any certification must be verified by an accrediting body and evidence that you meet the scheme requirements.
Answered
30/01/2023 14:13
116. Hello, I have searched through the bid pack and I am unable to find clarification. Does a ISO 27001 Certification supersede the need for a Cyber Essentials basic? Or is the Cyber Essentials certificate still required?
Could you please confirm whether you are referring to the mandatory or additional accreditations and standards as detailed in the 'buyer needs' document within the bid pack?
Answered
26/01/2023 15:05
115. r.e. Joint Schedule 3 - Article 1.3, specifically, ''The Supplier shall ensure that the public and products liability policy contain an indemnity to principals clause under which the Relevant Authority shall be indemnified in respect of claims made against the Relevant Authority in respect of death or bodily injury or third party property damage arising out of or in connection with the Deliverables and for which the Supplier is legally liable. '' Is it mandatory to have the indemnity to principals clause within our public and products liability policy?
CCS can confirm that is correct as detailed in Joint Schedule 3, clause 1.3
Answered
20/01/2023 13:10
114. In Article 7.5 and 8.3 we note there is no limit to the indemnity. Could you please clarify if this article is covered by Articles 11.1 (Each Party's total aggregate liability in each Contract Year under this DPS Contract is no more than £100,000) and 11.2 (Each Party's total aggregate liability in each Contract Year under each Order Contract is no more than the greater of £1 million or 150% of the Estimated Yearly Charges unless specified in the Order Form)?
Please refer to Core terms 11.5 and Special Term 7 within the DPS Appointment Form
Answered
03/01/2023 13:34
113. Nothing is foreseen within the Core Terms Article 10.3 regarding the payment for the work already performed. Please could you clarify if there would be payment for the work already performed?
CCS can confirm that existing payment obligations formed via provision of Deliverables prior to Termination would still apply. We would refer you to 10.5.2 and 10.5.7 for the consequences of Termination under 10.3
Answered
05/01/2023 13:00
112. r.e. Article 1.3, is it mandatory to have the indemnity to principals clause within our public and products liability policy?
Could you please confirm the clause you are referring to?
Answered
03/01/2023 13:35
111. Regarding Joint Schedule 8 Article 2.1 Please could you confirm that a company can be the guarantor (where it is stated that the guarantor shall be ''any person acceptable to CCS/Buyer to give a DPS/Order Guarantee'')? And can there be a limit of amount?
Please refer to the Deed of Guarantee within Joint Schedule 8. The guarantor can be a company and will need to guarantee all of the suppliers obligations. Please see previous response a guarantor is not a condition of appointment to this DPS unless specified by CCS Commercial Finance team in the event that a supplier fails to meet the financial threshold score.
Answered
03/01/2023 13:42
110. Regarding DPS Core Terms 3.2.11 With respect to article 3.2.11. You state: "The Buyer can cancel any order or part order of Goods which has not been Delivered. If the Buyer gives less than 14 days notice then it will pay the Supplier's reasonable and proven costs already incurred...". Can you confirm that if the Buyer cancels an order through no fault of the Supplier but the Supplier has incurred costs then the costs can be recovered even if more than 14 days is given?
CCS does not agree. The clause shall remain as drafted.
Answered
05/01/2023 13:01
109. Could you please clarify question 180: 'Upload documentary evidence for a certificate for each principal contract for goods and/or services provided in the last 3 years'. Can you provide guidance on what is expected of such a certificate and what it should contain?
Please refer to the 'Read First RM3764.3 Cyber Services DPS Needs' document within the bid pack. This question is not applicable and no evidence is required as part of your DPS submission. Awarding buyers only may request for evidence in accordance with their statement of requirements at award stage.
Answered
18/10/2022 09:02
108. I am applying for RM6235 -Space Enabled & Geospatial Services Dynamic Purchasing System Agreement. I've looked in the documentation but I can't find any guidance on question 180: 'Upload documentary evidence for a certificate for each principal contract for goods and/or services provided in the last 3 years'. Can you provide guidance on what is expected of such a certificate and what it should contain?
This is the RM3764.3 Cyber Security Services 3 DPS, to ask clarifications for RM6235 please click on 'clarifications' under the Space Enable and Geospatial Services DPS
Answered
28/09/2022 15:37
106. The CCS frameworks website lists "managed security services including crest accredited Security Operations Centre (SOC) and managed detection and response". The Services Matrix v3 in the Bid Pack v4 does not have SOC and MDR listed. Can you please confirm if Buyers can buy SOC and MDR services through this framework? If so, how many Orders have been placed for these services to date?
The service matrix includes SOC, MDR and Crest Accredited SOC
Answered
28/09/2022 15:41
105. Both of the previous two questions regarding submitting evidence and parent company guarantee relate to the supporting evidence requested by CCS, not the Cyber Security DPS SQ itself.
Answered directly
Answered
20/01/2023 11:23
104. CCS has requested a parent company guarantee, our parent company is purely for shareholding purposes and all revenue is generated and managed through the company making the application, What action should we take?
Could you please confirm which question on the SQ you are referring to?
Answered
08/06/2022 12:06
103. How do I share the evidence that's been requested? I can't see anywhere to attach or submit our insurance certificates etc.
Could you please confirm which question on the SQ you are referring to?
Answered
08/06/2022 12:06
101. Where can I get a list of supplier contact details?
Supplier contact details are obtained via filtering on the DPS for the services you require. I will contact you with information on the buying process
Answered
04/02/2022 11:49
100. Is CCS willing to make the same changes to RM3764iii under the Framework Award Form as they have done under RM3808? This would involve amendments to Clauses 3.2.2, 3.2.11, 8.7 and 10.3.2 of the Core terms DPS?
CCS can confirm that these are standard Clauses and will remain unchanged.
Answered
21/10/2021 15:59
99. With reference to Clarification Question 22, please could you advise where the requirement for supplier employees to be BPSS cleared is stated in the Bid Pack? Many thanks
Please refer to the DPS Buyer Needs document within the bid pack
Answered
18/10/2021 08:34
Export

Welcome to Supplier Registration Service chat.
Please do not send any confidential information.

Please be aware that this chat is using translation software powered by Google Translate which may affect the accuracy of the language and phrases used.

Are you sure you wish to end this chat? Are you sure you wish to disconnect this chat? New chat message from Please use the 'End Chat' link to end this chat and close the window. Do you want to reset the chat window position? Reset windows