This opportunity is closed for applications

The deadline was Wednesday 10 August 2022
Royal Navy - Ministry of Defence

704685450 - NAVY DIGITAL HOSTING (NDH) RESOURCE SERVICE

7 Incomplete applications

3 SME, 4 large

3 Completed applications

1 SME, 2 large

Important dates

Published
Wednesday 27 July 2022
Deadline for asking questions
Wednesday 3 August 2022 at 11:59pm GMT
Closing date for applications
Wednesday 10 August 2022 at 11:59pm GMT

Overview

Off-payroll (IR35) determination
Contracted out service: the off-payroll rules do not apply
Summary of the work
Provide a service to complete the technical and service delivery elements of 2 x on-premise multi tenant cloud hosting platforms, develop and carry out on-boarding and transition services, sustain and maintain the cloud hosting IaaS capability that underpins the Navy Digital Programme for 12 months.
Latest start date
Saturday 1 October 2022
Expected contract length
12 Months with an option to extend by up to 25% either by time, cost or both.
Location
South East England
Organisation the work is for
Royal Navy - Ministry of Defence
Budget range
It is estimated that the work can be delivered within the budget of £1.216 M for a period of 12 months including all relevant T&S for which the authority anticipates an allocation of £20k. The authority expects in the order of 1760 days of service provision throughout the 12 month period.

About the work

Why the work is being done
Provide a service to commission, transition and manage the Navy Digital Hosting Service of two modern “on-premise” multi tenanted IaaS hosting environments (classified at OS and S) and “edge based” deployed data processing environments. The service must commission, transition and manage the requisite application layer that the Navy Hosting environment will support.
Problem to be solved
The Royal Navy currently operates multiple data centres and server rooms with varying degrees of obsolescence. The aim of this service is to deliver modern, flexible and scalable Navy Hosting IaaS (infrastructure as a service). Navy Hosting IaaS will provide a common set of services for Data and Digital solutions on behalf of the Royal Navy, enabling delivery teams to focus upon their Data and Digital solutions and the Royal Navy to benefit from economies of scale. This service will also provide, develop and deliver service management, within the ITIL Service Operation Model, to support the live tenants and the safe, secure and process driven steady state operations (monitoring, maintenance and troubleshooting).
Who the users are and what they need to do
The Customers of the IaaS service will be made up of application and data service providers predominantly from teams within the Royal Navy, however there will be Customers from Defence Digital and wider MOD. These Customers will deploy, operate and manage the tenant application environment using capabilities and services developed by the Navy Hosting IaaS, such as Service broker, automation tools, deployment tools and operational management tools such as monitoring and automated patching.
Early market engagement
No
Any work that’s already been done
2 disparate air gapped IaaS services have been deployed and configured in a tier 3 Data Centre in Wiltshire. Both services are based on the same technology with a small number of nuanced variations based on the classification of each service (OS and S). The S system is ready to begin on-boarding and migration of application service providers and the OS system is 75% complete (anticipated in Q1 23).
Existing team
There is a mixture of Service personnel, Civil service and contractors for several other suppliers contributing to this Programme of Work. This service will be expected to integrate with, support and draw upon this existing team to deliver this service.
Current phase
Live

Work setup

Address where the work will take place
Based in, HMNB Portsmouth and Corsham. Currently minimal remote working - engineers will be required to access the equipment on site only. Some overseas travel may be required, all task dependent.
Working arrangements
This service will be working in a team with stakeholders from within Navy Command, MoD, and other government departments to deliver capability outcomes in support of MoD and HMG national security objectives. The work will predominately be based at HMNB Portsmouth and Corsham, however the service deliverables will direct where tasks are carried out, and travel will be required where necessary.
Security clearance
All personnel will require SC by contract commencement date. Elements of the requirement necessitate DV clearance, suppliers will need to ensure they have sufficient personnel with DV clearance in order to deliver those requirements.

Additional information

Additional terms and conditions
All expenses (T&S) must be pre-agreed between the parties and must comply with the MoD Travel and Subsistence (T&S) Policy. All suppliers are obliged to provide sufficient guarantees to implement appropriate technical and organisational measures so that the processing meets the requirements of GDPR and ensures the protection of the rights of data subjects. For further information please see the Information Commissioner's Office website https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Essential skills and experience
  • Experience in delivering, operating and managing a multi-tenanted cloud Hyperconverged Infrastructure (HCI), Infrastructure as a Service (IaaS) within a MOD Maritime domain at classification up to and including SECRET.
  • Experienced in Software defined / application centric infrastructure based local area networking interconnecting with a wider MOD WAN.
  • Demonstrate an understanding of implementing ICT security within a MOD domain, specifically using Boundary firewalls and Intrusion Detection Systems (IDS).
  • Demonstrate experience with System, application and security incident event monitoring such as local logging / monitoring and log forwarding to central defence cyber team.
  • Experience in delivering Core infra services in line with MOD security standards, for example system hardening and lock down.
  • Demonstrate experience in automation and orchestration, such as tenant provisioning & service broker management, in order to generate efficiency, reduce risk and improve security.
  • Experience in delivering and using document repositories for knowledge management, architectural designs (Low and high level), operating processes and procedures.
  • Demonstrate understanding of the delivery, management and operation of backup and data / application protection services to pre-agreed recovery times and points.
  • Experience in development and delivery of the tenant on-boarding on to a MOD IaaS hosting environment (completion being a customer going live on the system).
  • Experience assessing suitability of a customers ability to be on-boarded into a modern Maritime / MOD cloud-based IaaS, be able to document this from a technical and feasibility perspective.
  • Ability to define, continually improve and refine the services offered and delivered, looking for ways to optimise and streamline processes and procedures.
  • Demonstrate experience in ensuring a cloud-based IaaS remains patched and updated in line with the MOD minimum security requirements.
  • Experienced in the management of an IaaS hosting environment, specifically in regards to incidents, changes, problems and requests, operating with and informing wider MOD stakeholders using standardised methodologies.
  • Demonstrate experience in service management of an IaaS hosting environment, i.e.: demand, capacity, asset, performance, security, monitoring and business continuity, operating with and informing wider MOD stakeholders using standardised methodologies.
  • Experienced in application of MoD standards for ICT, information security, digital design, delivery, compliance, safety, Maritime integration, and operations.
  • Experience of MOD maritime digital and ICT installation, commissioning, assurance and acceptance and the related engineering and information compliance activities.
Nice-to-have skills and experience
  • Experience in service management iteration & enhancement aligned with a defined road map, moving from a develop to operate model.
  • Experienced in the management of charging customers for consuming IaaS services. Being able to cost and manage demand, capacity, change and scale.
  • Experience in delivering service status reports and communication to service owners and stakeholders.
  • Experience in managing third party shared services (WAN, IDS, IPS, asset & software management).
  • Demonstrate delivering, managing and operating secure Impex and export services in line with MOD Data Protection policy and guidance.
  • Demonstrate knowledge, experience and skills with data hall management (including cable management, network patching, hardware provisioning/expansion/installation, receiving hardware/stores, access control, and escorting.
  • Demonstrate ability to create service transition plans, including test capability on an MOD IaaS hosting environment to indicate cloud readiness/application modernisation prior to initiating the customer cut over plan.
  • Ability to work with wider MOD stakeholders to determine schedules, demand, capacity, define new or bespoke services required to successfully deliver for each and sometimes unique customer.
  • Demonstrate an understanding of UK Government Departments and MOD structures and policies as they relate to the digital and information outcomes in the Maritime domain.
  • Experience processing C5ISR digital/Cloud-Based OFFICIAL to SECRET solutions through JSP604 compliance and key approval stages, Authority to Test (AtT), Interim Authority to Operate (IATO) and Authority to Operate (ATO).

How suppliers will be evaluated

All suppliers will be asked to provide a written proposal.

How many suppliers to evaluate
3
Proposal criteria
  • Stage 1 relative score (10)
  • Approach and Methodology - how the solution meets our needs (25)
  • Technical experience of the assigned workforce and team structure (20)
  • Risks, dependencies, assumptions and mitigation (5)
  • Demonstrate approach to knowledge and skill transfer to enable the transition of service from build and test to steady state Service Management (5)
  • Demonstrate how continuous improvement will be delivered during the contract period (5)
Cultural fit criteria
  • Work as a team with our organisation and other suppliers and have a no-blame culture that encourages people to learn from their mistakes. (2%)
  • Take responsibility for their work. (2%)
  • Share knowledge and experience with other team members. (2%)
  • Can work with customers with low technical expertise. (2%)
  • Consider equality & inclusion in the provision & operation of services, including a workforce that is representative of the communities we serve, where relevant and proportionate (2%)
Payment approach
Capped time and materials
Additional assessment methods
  • Case study
  • Work history
  • Presentation
Evaluation weighting

Technical competence

70%

Cultural fit

10%

Price

20%

Questions asked by suppliers

1. How will T&S be charged and payments made throughout the contract?
"The contract value will include up to £20K of T&S to be invoiced as actuals in line with MoD T&S rates
The £20K for T&S falls within the £1.216m total cost but should not to be included within the bid tender.
Foreign travel will require Authority approval before these costs are met. T&S throughout the contract will be limited to a maximum liability of £20K.
The service delivery will be receipted and invoiced in arrears via C,P&F and EXOSTAR using the method of Capped time and materials."
2. Will this be assessed as inside IR35?
It is not expected that IR35 will apply. An assessment will be made after the winning supplier has been selected.
3. Is there a Cyber Risk Assessment?
The Cyber Risk Level is very low. Suppliers that are down selected will be required to complete a SAQ.
4. Is there an incumbent supplier in the role?
No, there is not an incumbent delivering this requirement at this time, it is a new outcome.
5. Would you accept a DV cleared candidate?
Yes, we would accept a candidate with a DV.
6. Will there be any performance indicators within the contract
If Performance indicators are required, these will be advised following down-selection
7. Authority has specified “MoD approved SC and DV is required at contract start for all personnel assigned to this service.” please confirm this means a mix of SC and DV cleared personnel and not that all personnel must have SC and DV clearance?
All personnel will require SC by contract commencement date.
It is not mandatory for every person to hold DV clearance, there will be elements of the requirements that require DV clearance so suppliers will need to ensure they have sufficient personnel with DV clearance in order to deliver those requirements.
8. How will the Outcomes tender be evaluated – 1
At stage 1, each tenderer will be evaluated and allocated 0 (Not Met), 1 (Partially Met), 2 (Met) or 3 (Exceeded) against their responses to each of the essential and nice to have criteria. The points awarded for each criteria will be added together to give the total stage 1 technical evaluation points.

The Authority reserves the right to consider tenderers non-compliant if their points are below 2 on any criteria. Non-compliant tenderers will be excluded from the competition.
9. How will the Outcomes tender be evaluated – 2
Tenderers with the three highest total technical evaluation points from stage 1 evaluation will be down selected and invited to take part in stage 2.

Stage 2 will be scored using the following weighting: Technical competence 70%. Cultural fit 10%. Price 20%.
Each tenderer will be evaluated and allocated 0 (Not Met), 1 (Partially Met), 2 (Met) or 3 (Exceeded) against their responses to proposal and cultural criteria

The submitted proposals and work histories will form the basis of the evidence for technical evaluation during stage 2.
10. How will the Outcomes tender be evaluated – 3
The Technical Competence aspects of the proposal will be scored out of 70 marks. These marks will be broken down as follows:
a. Stage 1 relative score (10),
b. Approach and Methodology - how the solution meets our needs (25),
c. Technical experience of the assigned workforce and team structure (20),
d. Risks, dependencies, assumptions and mitigation (5).
e. Demonstrate approach to knowledge and skill transfer to enable the transition of service from build and test to steady state Service Management (5).
f. Demonstrate how continuous improvement will be delivered during the contract period (5)
11. Is it possible to provide the Service Levels for the platform and hours of operation please?
Service levels are being finalised, project assumption is that although this is outcome based, the supplier will not be contractually liable to deliver against any SLAs defined before the formation of this contract (704685450). The hours of operation are 0800 – 1730.
12. Where you have stated that you expect in the order of 1760 days of service provision, what is the split between build and run services?
Tendering suppliers should define the split between build and run services in order to meet the outcomes.
13. Please can you provide any sizing information about the environment such as the number of : Servers, Switches, Storage environments, Databases.
This information is sensitive and not suitable for sharing on the public Digital Marketplace. This information will be passed to the 3 suppliers who get through to the next stage.
14. Can you share the timeline following successful downselect to Stage 2.
The timeline below is our current planning assumption, it is not fixed and should only be used as a guide. Firm dates will be provided to suppliers down-selected for Stage 2. Dates are week commencing (w/c).

Suppliers notified of the results of Stage 1 - w/c 15 August 22
Stage 2 proposals submitted - w/c 05 September 22
Stage 2 Technical evaluation of proposal assessment - w/c 12 September 22
Suppliers notified of the results of Stage 2 - w/c 19 September 22
Contract start date - 01 October 22
15. What proportion of the work is likely to require DV clearance?
Essential criteria - All personnel minimum SC and 50% of team DV cleared.
Desirable criteria - 75% of team DV cleared.
16. What is going to happen to the platforms after 12 months?
NDH is an enduring requirement, at an appropriate point in the 12 month contract, MOD will re-compete another DOS Outcome for resource post this contract end.
17. As part of a joint bid, will MOD accept a subcontractor from the US with TS-SCI clearances?
There may be occasions where personnel with US clearances are accepted as meeting similar levels of UK clearances but this would need to be reviewed on a case by case basis and therefore cannot be guaranteed. The winning suppliers personnel clearances can be reviewed by the relevant MOD security team following the completion of this tender. Suppliers must ensure that they have sufficient personnel with the required clearances to deliver the services, including in the event that any personnel with US clearances are not accepted in this specific case.
18. Would the Authority consider suppliers with experience in delivery of these service within other MOD/Secure Government environments, i.e., not specifically maritime?
Yes, all bids considered and scored appropriately in accordance with MOD policy.
19. Please would confirm if there is an incumbent already delivering this service and if so, who?
Yes there is a current incumbent delivering the service. The team is a 'rainbow team' made from 3 different suppliers. All current and contract awards are published on Government website.