1. Home
  3. DPS marketplace
Cyber Security Services 3 DPS

Clarifications

There are 123 clarifications for this DPS

44. In the Bid Pack document: READ FIRST RM3764iii Cyber Services DPS Needs v1 you say: "You need to send your questions through the DPS Marketplace clarification link (on SRS) or the DPS Mailbox address info@crowncommercial.gov.uk and as detailed in the OJEU Contract Notice. Both options can be used to communicate with us." As far as we can see, there is no DPS Marketplace clarification link on SRS and our attempt to use Live Chat (ref 10302401) did not get a response, so we are hoping that you will be able to route our questions to the appropriate person via this general mailbox. Here are the questions: 1. The online Selection Questionnaire HMG_UNIT_SQ-363-v8 seems to include questions on which CESG cyber certifications we hold, but these questions are not in the pdf version of the SQ in the RM3764iii Cyber Services DPS bid pack and do not appear to be referenced anywhere else in the documentation. Can you clarify please? The pdf version of the SQ does reference NCSC Assured and Non-assured services (Q65-77 in the Registration Questionnaire section) and they are included in Attachment 1 - Cyber Services 3 Filter Matrix v1. However there is no mention of them in the mandatory requirements (RM3764iii Cyber services 3 DPS Buyer Needs v1, section 3). Bramble Hub uses sub-contractor partners to deliver its services, who have NCSC certified specialists (CPP )and products (CAPS). Are we correct in understanding that we can bid for the framework?
CCS can confirm sub-scontractors are permissable as part of bidders DPS submission. For full details on how to register for the Supplier Registration Service (SRS) and how to apply for the RM3764.iii Cyber Services 3 DPS, please refer to the READ First DPS Needs document in the bid pack.
Answered
31/01/2020 11:36
43. Please could you provide an ETA / timeframe that clarification questions are responded to? We were hoping to submit our response on the 13th, however are unable to do so without having confirmed and completed documentation to meet Framework requirements.
Can you please advise which clarification questions you are referring to as unanswered to enable CCS to further investigate.
Answered
12/02/2020 12:56
42. In relation to Clause 10.5.2 - where it states that payment obligations stop immediately on termination save for any accumulated rights. Can you confirm that the Buyer is still liable for payment of work performed up until termination?
The Buyer is obliged to pay invoices for all undisputed Goods and Services delivered up to the point of termination in accordance with Clause 4.4.
Answered
13/02/2020 11:20
41. In relation to Core Term 14.3 - can you confirm that this is only related to engagements where we (the Supplier) would be the only holder of the data such as a managed service.
Please refer to the definition of Government Data in Joint Schedule 1. The Supplier is required to securely hold any Government Data it receives from the Buyer through the course of the Order Contract as specified in this Clause.
Answered
13/02/2020 11:21
40. Hi, we have been accepted onto the Cyber Security Services 3 DPS, as an Appointed Supplier. However we are unable to see where we upload service definitions etc. We clicked on the Update Evidence button on our dashboard profile however it advised that no evidence is required. If this is the case please advise if there are any other actions we need to do at this stage, thanks
CCS can confirm that suppliers are not required to upload definitions of service definitions in support of the services selected in their submission. Once appointed to the DPS, there are no further actions required only those specified by buying organisations at compeition stage, if a supplier is invited to a competition. Additionally, any requirements as specified in the Terms and Conditions (T's&C's) such as MI, Cyber certification etc, which will be requested by the designated CCS Commercial Agreement Manger in accordance with the T's&C's.
Answered
31/01/2020 11:07
39. With regards to Joint Schedule 4 (Commercially Sensitive Information) which applies to both a call off/and the framework contract. Could you confirm if suppliers are required to complete the order form template at this stage?
The order form template forms the contract between the customer (buying organisation) and you as the supplier and therefore does not need to be completed until you have tendered for and are awarded work under a call-off.
Answered
02/04/2020 08:22
38. There is a Guarantee in Joint schedule 8. Can you clarify that a DPS Guarantee is not required as a condition of the award of the DPS Contract?
CCS can confirm that a guarantor may be required subject to CCS Commercial Finance team assessment, in the event that a supplier fails to meet the financial threshold score (40) for this DPS, and any subsequent additional financial requirements as specified at section 4.11 - 4.20 of the READ First DPS Needs document which forms part of the bid pack. Guarantors are corporate guarantors and will only be permissable at CCS request as above. A guarantor is not a condition of appointment to this DPS unless specified by CCS Commercial Finance team in accordance with the response provided above.
Answered
31/01/2020 11:08
37. 1. Can we bid on one lot and subsequently bid/ add to the lots as and when? For example if we bid on Lot 1 now and are live and active, perhaps 2 months later wish to be on Lot 2 and 3 - will this be possible to be added as a supplier at any time during the DPS Agreement? 2. Can you clarify what is the assessment timelines from when a DPS is submitted to award selection? 3. How long does the assessment of the evaluation take from submission to when a supplier can be approved under the DPS and be live?
CCS can confirm that there are no Lots in a DPS. Suppliers as part of their DPS submission confirm which of the services they can provide as detailed in Attachment 1 - Cyber Services 3 filters as detailed in the bid pack. During the lifetime of the DPS, suppliers can update their service offering (add/ remove) by following the Update Answers guidance as detailed in the READ First DPS Needs document which forms part of the bid pack. CCS can confirm that assessment timelines are subject to supplier responses. For example if a supplier successfully completes their DPS submission on day 1 of commencing their Selection Questionnaire by meeting all the required selection criteria, they can become appointed to the DPS on the same day. However, in the event a supplier fails to meet all of the selection questionnaire requirements and enters into assessing stage, CCS have 15 working days to work with the supplier and conclude the reasons for assessing status.
Answered
31/01/2020 11:12
36. With regards to Joint schedule 3 (Insurance), Clause 7.2 - Except where the Relevant Authority is the claimant party, the Supplier shall give the Relevant Authority notice within twenty (20) Working Days after any insurance claim in excess of 10% of the sum required to be insured pursuant to Paragraph 5.1 relating to or arising out of the provision of the Deliverables or this Contract on any of the Insurances or which, but for the application of the applicable policy excess, would be made on any of the Insurances and (if required by the Relevant Authority) full details of the incident giving rise to the claim. Can you please clarify that this notification is only applicable to third party claims which would have the effect of reducing the level of minimum cover available for any claims under a Contract?
Yes, that is correct. CCS can confirm this notification is only applicable to third party claims which would have the effect of reducing the level of minimum cover available for any claims under a Contract
Answered
13/02/2020 11:17
35. Bid pack Attachment 6 Selection Questionaire PDF (inf only) - lists Joint Schedule 5 (Corporate Social Responsibility) RM3764.iii. Where is this document as we cannot locate in the bid packs. Thank you
CCS can confirm that Joint Schedule 5 (Corporate Social Responsibility) should be contained in Attachment 7b - Part 3 of the bid pack, and as listed in the DPS Appointment Form. CCS can confirm that this Schedule will be uploaded to the bid pack in due course. A notification to all suppliers once the Schedule has been uploaded will be issued.
Answered
31/01/2020 11:13
34. Good afternoon, Clause 14.8 of the DPS Core Terms v1.0 indemnifies CCS and each Buyer against any and all Losses incurred if the Supplier breaches Clause 14 and any Data Protection Legislation. Clause 11.5 states that this would be on an uncapped basis. Can you please confirm this is correct or can the indemnity be made subject to a liability capping formula?
CCS can confirm that following further review of the clarification questions received in relation to the liability clauses within the Core Terms of the Terms and Conditions, a Special Term (7) has now been included in the DPS Appointment Form. The DPS Appointment Form is electronically signed by the Supplier in the DPS Agreeing stage, to enable a Supplier to become 'Appointed' to the DPS (as detailed in Section 6 of the READ First DPS Needs document within the bid pack). This special term (7) removes the unlimited liability on Suppliers for GDPR breach and replaces it with a £10m cap. CCS consider this a reduction in exposure which should reduce Suppliers' perceived risk. Please refer to Attachment 7 - Part 2, in the DPS Bid Pack to locate the amended DPS Appointment Form V2.0 for information.
Answered
13/02/2020 11:15
33. Awaiting response to the question on Attachment 1 - Cyber Services 3 Filter Matrix v1 lists the CNI sectors. Row 11 contains "Civil Nuclear Communications". Is this a typographical error and should read "Civil Nuclear" and "Communications" as a separate entry?
CCS are currently amending the Civil Nuclear Communications sub filter, which will be changed to 2x filters (Communications and Civil Nuclear in the CNI category. CCS will issue a notification to all suppliers once the DPS and all corresponding bid pack documents have been amended.
Answered
24/09/2020 15:41
32. The 'register' questionnaire ends at 81/83, with page 81 stating "93% through this questionnaire". Please could the DPS review all documents and re-release a definitive bid pack.
The Selection Questionnaire PDF is for information only, to provide bidders with an overview of the questions that they will be presented with in the DPS digital platform as part of their submission.
Answered
31/01/2020 11:30
31. Within the Selection Questionnaire, the pages seem to skip from page 123 > 136 > 143 (PDF page count is 123, 124 & 125). It then returns to a "normal" count. Please advise, if the document is missing content ASAP.
The PDF shows all possible questions for the standard Selection Questionnaire, dependent on a Users answers the dynamic build will only present a User with the questions related to their answers. The PDF does not include pages 124 - 135, as these are questions within the workflow that a Buyer would see, i.e. request evidence. Therefore, are not included in the PDF as these are not relevant to a Supplier's journey.
Answered
31/01/2020 11:15
30. Attachment 6 Selection Questionnaire Page 137 Does the scope of the "similar service" extend beyond Certified Professionals? We note that qualifications from different bodies are already referenced in the Certified Consultancy application.
The scope extends beyond certified professionals. Providing a company is able to offer these services, whether certified or not (as individuals or an organisation) then you can be listed under the non-NCSC assured route. However, the buyer will provide more detailed specifications when calling off via this agreement and these may include specific certifications which you would need to be able to evidence.
Answered
28/01/2020 08:21
29. Attachment 6 Selection Questionnaire Page 137 Can the authority confirm that the term "assured" as in assured cyber services should be interpreted as certified as per the NCSC website? (See https://www.ncsc.gov.uk/section/products-services/ncsc-certification)
NCSC have confirmed that NCSC assured is the same as NCSC certified. NCSC will be changing the language as they transform their services in the future.
Answered
28/01/2020 08:20
28. Please could the Framework confirm which bid pack(s) are correct?: There is a disparity between those on the 'contracts finder' site and the DPS site. Contracts finder has individiual folders (7, 7A, 7B and 7C) but none included the Selection Questionnaire. The DPS site has one overall folder, with all folders (7, 7a and 7b) apart from folder 7C. It does include the Selection Quesionnaire (215 pages). Is the DPS one correct and does it supercede the documents & folders on the contracts finder site? Thank you.
Please disregard the bid pack on Contracts Finder, and utilise the bid pack documents in the Supplier Registration Service (SRS). Contracts Finder will be amended in due course to replicate SRS.
Answered
28/01/2020 08:19
27. Hi, In reference to the document "READ FIRST RM3764iii Cyber Services DPS Needs v1.PDF". Paragraph 4.35 states various questions which are NOT required for submission. For Paragraph 4.36, can you please clarify if the questions numbers listed (i.e. Q166 - Q172, Q174, Q176, Q179 - Q185) are Required or NOT-Required for submission? Many thanks
"These questions are not applicable and no evidence is required as part of your DPS submission. Awarding buyers only may request for evidence in accordance with their statement of requirements at award stage. Apologies, the 'Respond' option will only be visible to the User completing the 'Registered 1' submission. This link will be before the 'View' and 'Delete' options.
Answered
28/01/2020 09:56
26. General Also, please note that in a number of DPS Order schedules, the language has errors such as 'provided that the operation of this paragraph Error! Reference source not found.' Please could this be corrected?
CCS are reviewing the Order Schedules and will amend all error references and republish in due course.
Answered
28/01/2020 08:17
25. Joint Schedule 6 Key Subcontractors 1.6.2 of this Schedule requires that we flowdown to our subcontractors a right 'under CRTPA for CCS and the Buyer to enforce any provisions under the Key Sub-Contract which confer a benefit upon CCS and the Buyer respectively'. The contract is with the Supplier and it is for the Suppler to manage Subcontractors. Please provide an example of this in practice. We would respectively request that this clause (1.6) is removed in its entirety.
This provision is well bounded and will not be removed. It is difficult to provide a specific example without referring to a particular contract. However, there may be circumstances where it will be necessary for CCS or the Buyer to step in and enforce provisions under a key subcontractor contract which confer benefits upon CCS and the Buyer respectively.
Answered
10/02/2020 15:16
Export

Welcome to Supplier Registration Service chat.
Please do not send any confidential information.

Please be aware that this chat is using translation software powered by Google Translate which may affect the accuracy of the language and phrases used.

Are you sure you wish to end this chat? Are you sure you wish to disconnect this chat? New chat message from Please use the 'End Chat' link to end this chat and close the window. Do you want to reset the chat window position? Reset windows