This opportunity is closed for applications

The deadline was Friday 5 November 2021

The Cabinet Office

Alpha and (optional) Beta phases of a Identity Verification process for EIP Digital programme

6 Incomplete applications

2 SME, 4 large

14 Completed applications

12 SME, 2 large

• Published: Friday 22 October 2021
• Deadline for asking questions: Friday 29 October 2021 at 11:59pm GMT
• Closing date for applications: Friday 5 November 2021 at 11:59pm GMT

Overview

• Off-payroll (IR35) determination: Supply of resource: the off-payroll rules will apply to any workers engaged through a qualifying intermediary, such as their own limited company
• Summary of the work: Procurement for a team to deliver the Alpha-Beta phases of ‘Identity-Verification’ component for electoral and registration digital services (including Register-to-Vote, and launch of absent-vote application service). Beta phase will be confirmed on completion of successful Alpha. The Cabinet Office reserves the right to return to the market after Alpha delivery.)
• Latest start date: Monday 29 November 2021
• Expected contract length: 24 months
• Location: London
• Organisation the work is for: The Cabinet Office
• Budget range: Alpha development £250,000 - £350,000; Beta development £650,000 - £800,000; Combined Beta (Workstreams 1-3) £ 2,800,000 - £3,400,000

About the work

• Why the work is being done: The Electoral Integrity Programme (EIP) will deliver key Government manifesto and ministerial commitments including the national roll out of voter identification; making it easier for overseas electors to vote; improving the transparency of political campaigning; measures to secure our democratic processes, improving the security of postal and proxy voting; and making polling stations more accessible. To deliver this transformational work, primary legislation has been introduced to Parliament. The Programme will run change projects concurrently to deliver substantial supporting secondary legislation, and digital innovation plus the infrastructure across the United Kingdom to support the successful delivery of the Government’s vision.
• Problem to be solved: Alpha phase objectives include:; Iterative to final service blueprints and designs (including key use cases, edge cases, journeys and service service entry points); Iterative user research of prototypes (including paper-based routes and non-disposable prototype built using the .Gov Nunjucks prototyping tool kit); Detailed technical architecture designs including high level functional decomposition diagrams and non-functional requirements, key object models and key sequence diagrams, and security features. Threat modelling where the key threats are: security risk, fraud risks, service accessibility and service availability; Definition of KPIs and data measurement processes; Proposal for Beta including roadmap and epics; Alpha service assessment; Definition target operating model (TOM), including support systems and processes e.g. helpdesk; ; Beta phase objectives:; Build of service according to agreed technical design from alpha; Continued iterative user-centered design of service throughout, including 4 weeks of private beta; Appropriate service testing including load testing, spike testing and functional testing.; Setup of cyber monitoring and logging, support of pen testing and remediation of any vulnerability prior to launch; Launch of service to Beta live according to TOM; provision of support and service iteration; Beta and live service assessments
• Who the users are and what they need to do: Electors - who need to use elections and registration digital services (in digital and non-digital formats).; Electoral administrators at local authorities - need to process applications and maintain the electoral register; Early market engagement
• Any work that’s already been done: Discovery will be completed November 21; High level service designs and blueprints have been created; User research conducted with target user groups to refine understanding of core user needs in service design; outputs will be shared with shortlisted suppliers.
• Existing team: Cabinet Office will provide a Product Manager to lead this project and technical, service design and user research leads to assure the quality of deliverables.; ; Proposed minimum resource requirements from potential suppliers;; Delivery/Product Manager; Service/UX Designer; Business Analyst; Content Designer; User Researcher; Technical/Data Architect; Developer(s); Senior Developer/Tech Lead; Security Expert; Tester.; These resources will be at sfia levels 4-6
• Current phase: Discovery

Work setup

• Address where the work will take place: The majority of work will be done remotely, but the supplier may need to attend meetings in London.
• Working arrangements: The Supplier is expected to support the EIP Team during normal opening hours (Monday to Friday 08:00 to 18:00).; ; The work will be mainly remote but the London office will be a focal point for the EIP Project and CO may expect supplier staff to spend part of their time at any location designated by the buyer as required, including for workshops, meetings, collaboration, and team building.
• Security clearance: BPSS for analysts , designers and user researchers; SC for technical roles including tech leads and developers

Additional information

• Additional terms and conditions: All supplier resources must fall under IR35.; Travel and subsistence will not be paid for travel to the "home" office which will be London and specified in the Statement of Work.; Beta award will be subject to getting appropriate spend approvals; Beta award will be dependent on suppliers alpha performance and submission of value for money beta proposals.; Beta development contract maybe awarder for workstreams 1-3 to a single supplier.

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

• Essential skills and experience:
  • Detail one recent experience of delivering a product or service successfully through Discovery to Public Beta phases including the agile tools, frameworks and techniques that were used and why.
  • Demonstrate an example of your experience in using user research with users with accessibility needs to inform user-centred design of a service through iterative improvement.
  • Detail recent experience of working with multidisciplinary, mixed civil servants and 3rd party teams of specialists working to common service outcomes.
  • Experience designing technical architecture using AWS ecosystem and managed services
  • Experience implementing AWS Lambda-based frontend, API gateway services and Infrastructure as Code
  • Experience supporting service operations in public beta phase
  • Experience of distributed service delivery and design (with national and local components)
  • Experience of delivering alpha and beta of the same product, including how beta time-line and quote were provided and managed.
• Nice-to-have skills and experience:
  • Experience delivering identity products
  • Experience working with local authorities (as users) and delivering cloud-based software/services for their workflows
  • Experience in producing infrastructure as code templates in Terraform / CloudFormation
  • Experience of relevant technology stacks including Serverless architectures (NodeJS, Java) and Ruby

How suppliers will be evaluated

All suppliers will be asked to provide a written proposal.

• How many suppliers to evaluate: 5
• Proposal criteria:
  • Technical solution
  • Approach and methodology
  • How the approach or solution meets user needs
  • Estimated timeframes for the work
  • Risks and dependencies
  • Team Structure
  • Value for money
• Cultural fit criteria:
  • challenge the status quo
  • Transparent and collaborative decision making
  • Take responsibility for their work
• Payment approach: Capped time and materials
• Additional assessment methods: Presentation
• Evaluation weighting:

  Technical competence

  60%

  Cultural fit

  10%

  Price

  30%

Questions asked by suppliers

• 1. Can you please clarify if there is any dependency or linkage to the Single Login for government which is also working on identity assurance.: There is no dependency with Single Login for government; however, it may be that Single Login for government plays a part in the solution design. at some point.
• 2. Can you please clarify if there is any dependency or linkage to the HM Land Registry work on identity assurance: There is no dependency or relationship with with HM Land Registry work on identity assurance,
• 3. Can you please clarify if there is any dependency or linkage to the DCMS work on the National Identity and Attribute Trust Framework which is also seeking to address the issues of identity assurance using verified attributes: There is no dependency or relationship with with the National Identity and Attribute Trust Framework
• 4. Would you be open to a solution that used a Personal Data Store as the vault for holding verified identity assurance tokens and attributes so that they were reusable beyond this specific requirement: We do not envisage a solution involving a Personal Data Store as the vault for holding verified identity assurance tokens and attributes so that they were reusable beyond this specific requirement.
• 5. Can you please clarify if there is any dependency or linkage to the NHS App and work on identity assurance and vaccine certificates: There is no dependency or relationship with the NHS App and work on identity assurance and vaccine certificates
• 6. Can you please clarify if there is any dependency or linkage to the work undertaken by DWP on identity assurance as part of their delivery of Universal Credit: There is a not a dependency but there is a relationship with the work undertaken by DWP on identity assurance
• 7. Can you please clarify if there is any dependency or linkage to the work undertaken by HMRC on the Government Gateway and Personal Tax Account: There is no dependency or relationship with with the work undertaken by HMRC on the Government Gateway and Personal Tax Account
• 8. Would you be prepared to use components sourced from G-Cloud as part of the solution which could configured to meet the requirements of the Alpha and Beta: Yes
• 9. Can you please clarify if there is any dependency or linkage to the work undertaken Ministry of Justice on Lasting Power of Attorney Modernisation and the requirements for identity assurance therein: There is no dependency or relationship with with the work undertaken Ministry of Justice on Lasting Power of Attorney Modernisation
• 10. Which supplier is conducting the Discovery phase and will they be tendering for this opportunity?: Hippo digital have conducted the discovery phase. This process is open to all UK based businesses but and we cannot comment on which businesses are bidding.
• 11. Will this function be using the existing Verify platform that the UK Govt already uses elsewhere? GOV.​UK Verify – GOV.​UK (www.gov.uk): No