Government Digital Service GOV.UK Verify

WP1373: Development capability for Verify

Incomplete applications

8
Incomplete applications
8 SME, 0 large

Completed applications

11
Completed applications
8 SME, 3 large
Important dates
Opportunity attribute name Opportunity attribute value
Published Monday 8 May 2017
Deadline for asking questions Monday 15 May 2017 at 11:59pm GMT
Closing date for applications Monday 22 May 2017 at 11:59pm GMT

Overview

Overview
Opportunity attribute name Opportunity attribute value
Summary of the work We require additional development capability. The aim is to drive the adoption of Verify through delivering on the technical projects described, making the project work better for citizens. This will include the design, installation, testing and maintenance of software systems, working in pair and mop programming in the listed areas.
Latest start date Monday 3 July 2017
Expected contract length 6 months
Location London
Organisation the work is for Government Digital Service GOV.UK Verify
Budget range We envisage this work to be done by a team of 5 or 6 senior / lead developers (for example); budget range £550,000 - £650,000

About the work

About the work
Opportunity attribute name Opportunity attribute value
Why the work is being done GOV.UK Verify is the new way to enable citizens to prove who they are digitally to an appropriate level of assurance, in order to interact with their personal data held by government services.

We require a senior level development team to support our work in the following areas:
* eIDAS (working to consume identities from Europe, and potentially allow re-use of Verify identities in Europe)
* onboarding (improving how Government services onboard to use Verify)
* DCS (continuous development on Document Checking Service)
* hub/frontend (A/B tests, improvements to release processes, etc)
Problem to be solved We require additional development capability for a large number of projects on a flexible basis. The aim is to drive the adoption of Verify through delivering on the technical projects described and thereby making the project work better for citizens. This will include the design, installation, testing and maintenance of software systems, working in pair and mop programming in the areas listed above.

Milestones for the programme team:
Late April - LoA1 hub capability
Late June - DCS Northern Ireland inclusion
Early July - migrate hub to AWS

As well as 5-10% improvement to the Verify completion rate per quarter.
Who the users are and what they need to do As a citizen, I need to prove my identity online in order to be able to access government services.
Early market engagement n/a
Any work that’s already been done live operating platform
Existing team Devs and SecOps as well as cross-functional colleagues in GOV.UK Verify
Current phase Live

Work setup

Work setup
Opportunity attribute name Opportunity attribute value
Address where the work will take place Government Digital Service
Aviation House
125 Kingsway
London
WC2B 6NH until mid June 2017.
then
Whitechapel building, Aldgate, London from mid June 2017.
Working arrangements Onsite full-time 5 days a week. Co-located with other Live Services resources
Security clearance SC Security Clearance is required to operate on this project. Must hold security clearance (SC) at start date of contract

Additional information

Additional information
Opportunity attribute name Opportunity attribute value
Additional terms and conditions Digital Outcomes and Specialist's Terms and conditions will apply, the only addition, if required, would be Cabinet Office T&S Policy will apply for any Supplier expenses which will need to be pre-approved by Cabinet Office

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Skills and experience
Opportunity attribute name Opportunity attribute value
Essential skills and experience
  • ability to take initiative
  • JAVA (or C#) and Ruby experience
  • Experience with microservice architecture
  • Agile working / devops
  • - AWS / 12-factor experience is a bonus
  • - Ability to work independently and move in a fast-paced environment
  • - Excellent communication skills
  • - experience of leading teams (pref. multidisciplinary)
  • - experience in passing on knowledge in a structured way
  • - experience in acting as the technical expert in a team
Nice-to-have skills and experience
  • Understanding of SAML
  • Previous experience in a public sector

How suppliers will be evaluated

How suppliers will be evaluated
Opportunity attribute name Opportunity attribute value
How many suppliers to evaluate 6
Proposal criteria
  • Your approach to onboarding your team to the projects
  • Your management of proposed flexible team resources
  • Your approach to defining technical architecture and software architecture in a context of legacy systems and a drive towards efficiency
  • Your approach to data privacy and security
  • State your team structure and provide up to 5 work histories. Your team should include at least two senior developers, two junior developers and one lead developer
  • Value for money; proposed resource profile and day-rates for the delivery
Cultural fit criteria
  • Commitment to excellence
  • Flexible working
  • Commitment to team working
  • Your approach to resolving technical and business risks or issues in a collaborative way that maximises productivity and business outcomes.
  • Your approach to transferring knowledge and experience to civil servants to support learning from this engagement.
  • Culture of taking responsibility for owning issues and resolving and problems.
Payment approach Time and materials
Assessment methods
  • Written proposal
  • Work history
  • Presentation
Evaluation weighting

Technical competence

60%

Cultural fit

10%

Price

30%

Questions asked by suppliers

Questions asked by suppliers
Supplier question Buyer answer
1. In terms of security clearance, do all personnel have to hold this at the start of the project or is there an an opportunity for this to be applied for upon a successful contract award for any that do not hold it? It is preferred that the candidate already has SC clearance. If not currently held, the candidate must be willing to undertake the SC clearance process. This DOS requirement made it clear that SC clearance is required then suppliers are required to pay and arrange for that security clearance themselves to become eligible and compliant to perform the contract. We can however arrange for special dispensation to allow suppliers to begin their contract and allow them onsite whilst the security process is underway. A caveat to this is that the suppliers contract would be terminated if SC clearance was not granted.
2. Can you confirm the expected IR35 status for teams assigned as part of this engagement? Yes- out of scope
3. Do you need all the 6 developers to start at the same time? Can a Supplier start with say 2 or 3 in July and then onboard the remainder as soon as they become available? We expect all the developers to start at the same time
4. Would you be willing to sponsor for SC clearance some of the resources, but not necessary all? It is preferred that the candidate already has SC clearance. If not currently held, the candidate must be willing to undertake the SC clearance process. This DOS requirement made it clear that SC clearance is required then suppliers are required to pay and arrange for that security clearance themselves to become eligible and compliant to perform the contract. We can however arrange for special dispensation to allow suppliers to begin their contract and allow them onsite whilst the security process is underway. A caveat to this is that the suppliers contract would be terminated if SC clearance was not granted.
5. Not all of the staff we would intend to put on this have security clearance. Are GDS willing to sponsor SC clearance? It is preferred that the candidate already has SC clearance. If not currently held, the candidate must be willing to undertake the SC clearance process. This DOS requirement made it clear that SC clearance is required then suppliers are required to pay and arrange for that security clearance themselves to become eligible and compliant to perform the contract. We can however arrange for special dispensation to allow suppliers to begin their contract and allow them onsite whilst the security process is underway. A caveat to this is that the suppliers contract would be terminated if SC clearance was not granted.
6. The only questionable criteria is the SC Clearance. It states we must hold this at the latest start date of the contract (3rd July). Will we be able to propose resources that aren't SC cleared beforehand? By this I mean, do you think there will there be enough time between when a decision is made to award and the start of the contract to obtain SC clearance? It is preferred that the candidate already has SC clearance. If not currently held, the candidate must be willing to undertake the SC clearance process. This DOS requirement made it clear that SC clearance is required then suppliers are required to pay and arrange for that security clearance themselves to become eligible and compliant to perform the contract. We can however arrange for special dispensation to allow suppliers to begin their contract and allow them onsite whilst the security process is underway. A caveat to this is that the suppliers contract would be terminated if SC clearance was not granted.
7. Can you please confirm that the contract for the services to be provided is deemed to be outside of the scope of HMRC IR35 legislation? Yes- out of scope
8. Do you require both Java 'AND' Ruby skills? If not, is one skill preferred over the other? Yes, experience of both is required
9. Do you require both Java 'AND' Ruby skills? If not, is one skill preferred over the other? Yes, experience of both is required
10. Could you clarify if you are looking for 12-factor apps experience specifically on AWS, or whether you are looking for suppliers to have experience with AWS, but also 12-factor apps (but which may not have been used on AWS)? Either or both is a bonus
11. Can you please clarify why SC Security Clearance is required? Is it necessary for all team members or just those accessing sensitive information or environments? It's necessary for anyone to release code to production
12. Would 3 or 4 days per week onsite be an option with 1 or 2 days working offsite? This gives more choice of people as many need to travel to be on customer site. No not offsite
13. Can you confirm the expected IR35 status for teams assigned as part of this engagement? This role is outside of IR35
14. Could you please confirm is this is within the purview of IR35? This role is outside of IR35
15. What is your ideal intended team structure after the on-boarding the new development team for gov.uk Verify? The expectation is that the team will be split across various areas of work, working within various product teams
16. You have requested for up to 5 work histories during the proposal round. Does that mean that a supplier should provide up to 5 examples of work that their organisation has conducted or do we need to provide up to 5 detailed CVs of the individuals whom we recommend? We will require work histories of all the people who’ll be working on the project
17. Why is there a need for additional development capability on a “flexible basis”? Would you please share how the budget mentioned was arrived at? Due to changing priorities, flexibility is required in relation to the teams that the developers are placed in. Regarding the budget, with the range of rates and the number of estimated working days.
18. What are the testing methods which you use? Is it behaviour driven development? We use testing methodologies appropriate to the work being undertaken, that can vary between projects and teams, so flexibility is required.
19. Is this the current development team a multi-vendor team or is it an internal team of gov.uk verify? It is a mix of multi-vendor and internal GOV.UK Verify staff.
20. Are you looking for on-boarding “5 or 6 team senior / lead developers” to work in different teams or are you looking for one team with “at least two senior developers, two junior developers and one lead developer”? The expectation is that the team will be split across various areas of work, working within various product teams.
21. Do you have a set procedure/ strategy for the requirements of “data privacy and security”? Or do they need to be derived from GDS? Verify has its own procedures that are based on the GDS ones. Within Verify there is a Privacy Officer that sets the guidance for the programme.
22. Hello, please could we query the SC requirement for this bid? It is our understanding that security clearance can only be carried out / transferred after being requested by the government body procuring the services (this case GDS). Does ‘must hold SC clearance at start of contract’ imply that... - Only individuals who are likely to be cleared by 3 July will be considered, OR - Only individuals with currently existing SC status will be considered Also, to confirm that GDS will arrange for each SC to be processed or transferred to the Verify project after the bid submission deadline? It is preferred that the candidate already has SC clearance. If not currently held, the candidate must be willing to undertake the SC clearance process. This DOS requirement made it clear that SC clearance is required then suppliers are required to pay and arrange for that security clearance themselves to become eligible and compliant to perform the contract. We can however arrange for special dispensation to allow suppliers to begin their contract and allow them onsite whilst the security process is underway. A caveat to this is that the suppliers contract would be terminated if SC clearance was not granted.