1. Home
  2. DPS marketplace
Cyber Security Services 3 DPS

Clarifications

There are 126 clarifications for this DPS

73. We refer to DPS Schedule 7 cl. 2.2.1 which allows to reject the bid, but on the other hand as per DPS Schedule 4 cl.3.4 - repeated failure to bid may result in suspension from DPS. Can you please confirm if Supplier can reject the Order?
Answered in a previous question
Answered
24/09/2020 15:43
72. Clauses 7.1 - Please can the Authority consider that although the Supplier is able to provide reasonable co-operation to the Authority in the event that it receives a claim under pursuant to clause 7.1, the Supplier's contractual obligations should not extend to assisting the Authority in dealing with such claims as that may go beyond the intended scope of services. The Supplier would also not be permitted to disclose information about third parties.
Please can the supplier confirm which schedule they are referring to.
Answered
16/10/2020 12:55
71. Clause 4.1 - Would the Authority be willing to specify that insurance certificates will be an acceptable form of evidence that the Insurances are in force as per the requirements?
Insurance certificates are an acceptable form of evidence.
Answered
16/10/2020 12:57
70. Hi, We intend to use subcontractors to deliver some services/solutions. Is it permissible to include their certifications in Part 3 Question 162 of the Selection Questionnaire (Which of the following CESG cyber certifications does your organisation currently hold)? Thank you.
Please note that the answers to these questions relate to the organisation applying to be on the DPS and not any subcontractors. For reference, subcontractors are only allowed under the CHECK scheme, not under any other NCSC assured service categories. If you use a subcontractor for CHECK, they must also be CHECK assured.
Answered
24/09/2020 10:46
69. How long does it take to get registered as a supplier after completing the SQ?
CCS can confirm, that if an organisation successfully meets all of the selection criteria for the RM3764.iii DPS, then 'Appointed' DPS status can be confirmed the same day that an organisation submits their DPS application. However, in the event that an organisation negatively answers one or more of the selection questions and enters 'assessing' stage or 'disabled' stage, as per the information provided in the READ First DPS Needs document which forms part of the RM3764.iii bid pack, CCS have 15 working days to process your DPS application in accordance with the PCR2015. Kind regards CCS
Answered
13/03/2020 13:44
68. For questions 'Supporting commitment to develop and invest in skills, development and apprenticeships' and 'A certificate for each principal contract for goods and/or services provided in the last three years', would you please let us know the applicability and expected response?
Please provide evidence of any evidence of investing in skills, development and apprenticeships if possible. Please provide a summary for each contract submitted.
Answered
24/09/2020 11:56
67. Would you please let us know the required limit for professional indemnity insurance?
As per DPS Joint Schedule 3 - Insurance Requirements, suppliers must have professional indemnity insurance with cover of not less than £1,000,000.
Answered
06/03/2020 08:03
65. What are the legal structure options for a group of economic operators who do not wish to form a single legal entity? will a documented memorandum of understanding be sufficient?
One party should act as a prime contractor with the others acting as sub-contractors
Answered
10/11/2020 14:43
64. Can the example contracts in Q133 be for the Private sector?
The example contracts can be for Public or Private sector, providing they demonstrate that your organisation meets the requirements asked in the question.
Answered
06/03/2020 08:03
63. Hello Can you please confirm if there is a rebate for Cyber Services 3 DPS? Many thanks
If by rebate you are referring to the levy then as per the DPS Appointment Form (13- Management Levy), the Supplier will pay, excluding VAT, 1% of all the charges for the deliverables invoiced to the Buyer under all Order Contracts.
Answered
06/03/2020 08:02
61. Noting the recent amendment to include a liability cap for the indemnity provided at Core Terms 14.8, the Core Terms still provide an unlimited liability for IP and all "Applicable Laws" through clause 9.5 and 12.2. Does CCS have an appetite to provide a reasonable cap for these categories?
CCS has no plans to change the terms for IPR liability, which will remain as drafted.
Answered
19/02/2020 15:42
60. Hi Team: Thanks for the response to the clarification question on "unlimited liability for breaches of, inter alia, data, laws and IP". However, we are not able to locate in the DPS Bid Pack for the amended DPS Appointment Form V2.0, to see the updated Special Term (7), that removes the unlimited liability on Suppliers for GDPR breach and replaces it with a £10m cap. Please let us know once the new version of the DPS Appointment Form is uploaded in bid pack.
Please refer to the Bid Pack link in SRS where DPS Appointment Form version 2 containing Special Term 7 can be located.
Answered
19/02/2020 13:13
59. Please could you confirm what the value or percentage of the management fee will be?
As per the DPS Appointment Form (13- Management Levy), the Supplier will pay, excluding VAT, 1% of all the Charges for the Deliverables invoiced to the Buyer under all Order Contracts.
Answered
18/02/2020 10:10
58. We note that the definition of "Management Levy" states "the sum specified on the Platform payable by the Supplier to CCS in accordance with DPS Schedule 5 (Management Levy and Information)" however this schedule nor definition specifies the percentage value for the Levy, please can you confirm the expected value of the Levy?
As per the DPS Appointment Form (13- Management Levy), the Supplier will pay, excluding VAT, 1% of all the Charges for the Deliverables invoiced to the Buyer under all Order Contracts.
Answered
18/02/2020 10:10
57. Currently there when clicking on "view suppliers" none are listed. When will this go live please?
CCS can confirm that the if you click on the 'view Suppliers' link they should all now be visible
Answered
18/02/2020 12:55
56. Within Attachment 1 - Cyber Services 3 Filter Matrix v1 you have MPPV (1, 2, 3) standard listed in Filter 3 tab. Please can you confirm that this relates to the NPPV scheme run by Warwickshire police?
We can confirm that it is NPPV (Non-Police Personnel Vetting). CCS is currently correcting the sub filter and will notify all suppliers once the DPS and he bid pack documents have been amended.
Answered
18/02/2020 10:09
55. Hi Team: Core Terms provide for unlimited liability for breaches of, inter alia, data, laws and IP (Core Terms 11.5)). This isn't industry standard for the type of services requested by the ITT and may prevent Tier 1 suppliers from bidding on this framework or subsequent call-off engagements. This further contradicts guidance in the Outsourcing Playbook published by the Government Commercial Function advising government entities not to ask suppliers to accept unlimited liability or to assume unreasonable/ un-quantifiable risk. Please advise whether CCS would consider introducing a reasonable liability cap for these categories or include within the general damages cap on both framework and call-off levels.
CCS can confirm that following further review of the clarification questions received in relation to the liability clauses within the Core Terms of the Terms and Conditions, a Special Term (7) has now been included in the DPS Appointment Form. The DPS Appointment Form is electronically signed by the Supplier in the DPS Agreeing stage, to enable a Supplier to become 'Appointed' to the DPS (as detailed in Section 6 of the READ First DPS Needs document within the bid pack). This special term (7) removes the unlimited liability on Suppliers for GDPR breach and replaces it with a £10m cap. CCS consider this a reduction in exposure which should reduce Suppliers' perceived risk. Please refer to Attachment 7 - Part 2, in the DPS Bid Pack to locate the amended DPS Appointment Form V2.0 for information.
Answered
12/02/2020 12:58
52. We have a clarification question on Question 77 Cyber Security Services 3 DPS Registration Questionnaire. Our question : Please can we check that we are interpreting this question correctly. Should we read it as; "Does your organisation have the following standards (certifications)" E.g. Does your organisation have people with DV clearances? Or does it mean "Is your organisation able to certify to these standards?" E.g. Are you able to issue DV clearances? 77. Please select the 'Standards', that your organisation is able to provide 'Non-assured NCSC Services' for. Tick all that apply. Cyber Essentials Plus CREST/Tiger/Cyber/Other Qualified PCI Assessor Project Management - APM Qualified Project Management - PRINCE Qualified Clearance: Counter Terrorist Check Clearance: Security Check Clearance: Developed Vetting MPPV 1,2,3
This question is referring to whether your organisation has staff who are cleared to a particular security level (some Govt organisations will require staff and contractors to be cleared to a certain level before being given access to their premises and or data). It is not asking whether your organisation is able to issue security clearances.
Answered
06/02/2020 12:36
51. RM3764iii Cyber Services 3 - Dynamic Purchasing Systems Agreement. Selection Questionnaire: Question 1. Question 0.1 Asks, do you want to submit a completed EU ESPD in response to questions 21 through to 103.60 (Sub-Contractor questions) and questions 105 through to 126 (Exclusion Grounds) of this Selection questionnaire? We are not listing or using any Sub-Contractors, therefore not providing a response to questions 21 through to 103.60, but are we still required to provide a response to questions 105 through to 126 (Exclusion Grounds). Question 2. Part 3: For the Relevant Experience Questions 133, 134, and 135 we have responded no, as in Section 4.35 of the Dynamic Purchasing System Agreement, page 15, it states that Part 1, Example 1, 2 and 3, questions Q133, Q134 and Q135, are not applicable to this RM376iii - Cyber Services 3 procurement. Can you please confirm that this is correct
Q1 - Yes you are required to provide a response to all mandatory questions including questions 105 to 126. Q2 part 3 - That is correct, questions 133 - 135 are not applicable as detailed in the READ FIRST DPS Needs document
Answered
12/02/2020 13:01
49. For the purpose of the SQ and DPS submission do we need to complete the Financial Assessment Document? We are aware the Subcontractors and Economic attachments should be completed based on the answer in response to this. Could you also confirm where we would upload the document if this is required?
CCS can confirm that attachement 3 Financial Assessment in the Bid Pack is for information only and will be used by CCS Commercial Finance Team in the event that a supplier fails to meet the financial threashold score of 40 as detailed in section 14.3 of the READ FIRST DPS Needs document. Further information in relation to financial criteria for this DPS can be loacted in section 4.11 to 4.20 (Economic and Financil Standing) of the READ FIRST DPS Needs document.
Answered
19/02/2020 13:15

Welcome to Supplier Registration Service chat.
Please do not send any confidential information.

Please be aware that this chat is using translation software powered by Google Translate which may affect the accuracy of the language and phrases used.

Are you sure you wish to end this chat? Are you sure you wish to disconnect this chat? New chat message from Please use the 'End Chat' link to end this chat and close the window. Do you want to reset the chat window position? Reset windows