IT Security Services
Estimated value
—
Awarded value
—
Suppliers
1
Lots
1
Published
31 Jul 2025
Description
The Development Bank of Wales undertook a competitive flexible procedure, this notice is to notify that we have entered into a contract with the successful supplier. The Scope: The Development Bank of Wales currently operate a security operation model that is split across multiple providers and technologies. To help reduce the complexity of this approach and improve our ability to effectively monitor, respond to, and mitigate security threats, the Banc are investigating the feasibility of implementing a unified Microsoft security operations platform, the day-to-day management of which would be supported by a single provider. This transition will not only streamline our processes and technology, but also increase the efficiency of our incident response efforts and reduce the potential for gaps in our security posture caused by the fragmentation of tools and services. Currently, our Azure services are handled by Service Provider A, which focuses on optimising our cloud infrastructure. Service Provider B is responsible for managing our Microsoft 365 environment and on-premises infrastructure, ensuring that both are configured and maintained to meet our operational needs. Additionally, our managed detection and response (MDR) services are provided by Service Provider C, which utilises their own proprietary platform to deliver continuous monitoring, threat detection, and incident response across our IT estate. The Banc is investigating replacing Service Provider C with a new Service Provider that will take over the managed detection and response function, utilising the Microsoft unified security platform. They will be responsible for the implementation, configuration and on going management of the platform, and providing proactive advice and recommendations to improve the security of our Microsoft estate, drawing on Microsoft’s insights, but will not be responsible for any configuration outside of the security platform. The new provider will collaborate closely with Service Providers A and B to align security practices ensuring that our entire IT environment remains protected against emerging threats.
Scope
- Reference
- DBW00105
- Commercial tool
- Standalone contract
- Contract dates
- 30 Jun 2025 to 30 Jun 2030Possible extension to 30 Jun 2033
3 years in 12 month increments
- CPV classifications
- 72000000
- Contract locations
- UK, United Kingdom
- Particular suitability
- Small and medium-sized enterprises (SME)
Award criteria
Criteria the buyer will use to evaluate bids.
| Name | Description | Type | Weighting |
|---|---|---|---|
| Stage 1 | PSQ - Pass/Fail Technical evaluation - Pass/Fail and weighted questions 3PQ Please note that this stage has a technical weighting of 100% | quality | 1.00% |
| Stage 2 | Technical evaluation Questions have a total weighting of 70% | quality | 69.00% |
| Commercial | Annual costs including the implementation for the first year Rate cards | price | 30.00% |
Participation
Conditions suppliers must meet to bid.
Professional Indemnity (PI) - £1,000,000 Cyber Essential insurance £1,000,000 Employers Liability (EL) - £10,000,000 Public Liability (PL) - £5,000,000
Please refer to the tender documentation
Submission & procedure
- Procedure
- Competitive flexible procedure
Award details
Awarded supplier(s), contract period and value as published in the award notice.
Awarded value
—
Award date
—
Contract start
—
Contract end
—