Government Digital Service, part of Cabinet Office

WP1448: Product development team to work on GOV.UK Verify deliverables

Incomplete applications

2
Incomplete applications
1 SME, 1 large

Completed applications

10
Completed applications
9 SME, 1 large
Important dates
Opportunity attribute name Opportunity attribute value
Published Friday 18 August 2017
Deadline for asking questions Friday 25 August 2017 at 11:59pm GMT
Closing date for applications Friday 1 September 2017 at 11:59pm GMT

Overview

Overview
Opportunity attribute name Opportunity attribute value
Summary of the work Enabling reuse of EU identities via Verify. Code is integrated tightly within the main Verify codebase.
Latest start date Monday 9 October 2017
Expected contract length 6 months
Location London
Organisation the work is for Government Digital Service, part of Cabinet Office
Budget range We envisage this work to be done by a team of at least 5 consisting of 2x developers and 1x delivery manager, 1x product manager and 1x technical analyst.

About the work

About the work
Opportunity attribute name Opportunity attribute value
Why the work is being done Consumption of EU identities via the Verify hub
Problem to be solved Consume EU identities via Verify
Measure: Verify connected to the eIDAS other countries test instances to consume identities from EU by 02/18
Deliverable: go into private beta
Measure: Verify is connected to at least one other country in production for testing with real identities from other countries by 03/18
Deliverable: Productionise Verify Service provider to make easier for RP's use Verify
Measure: Services wishing to onboard use Verify Service Provider
Deliverable: Complete discover into improving onboarding process for RP's wishing to integrate with Verify
Measure: User needs identified for improved onboarding process with technical plan for how to meet them
Who the users are and what they need to do As an EU citizen living in the UK, I need to re-use my home nation's digital identity system, so that I can access UK government services
Early market engagement None
Any work that’s already been done Discovery phase complete, partial work to make use of EU identities in the Verify hub has been completed
Existing team You will work with a multi-disciplinary team including a delivery manager, product manager, policy & engagement, developers and web-ops both on the EIDAS team and across the wider GOV.UK Verify programme.
Current phase Alpha

Work setup

Work setup
Opportunity attribute name Opportunity attribute value
Address where the work will take place The White Chapel Building, 10 Whitechapel High Street, London, E1 8QS
Working arrangements On site 5 days a week 9:00 - 5.30.
Security clearance SC

Additional information

Additional information
Opportunity attribute name Opportunity attribute value
Additional terms and conditions Cabinet Office (CO) Travel and Subsistence (T&S) Policy will apply. All expenses must be pre-agreed with between the parties and must comply with the CO T&S Policy.

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Skills and experience
Opportunity attribute name Opportunity attribute value
Essential skills and experience
  • Experience of managing large public sector agile projects
  • JAVA (or C#) and Ruby experience
  • Experience with microservice architecture
  • Agile working / devops methodology
  • Experience of pipeline creation and hardening for services
  • Ability to take initiative
  • Excellent communication skills
  • Experience of leading teams (pref. multidisciplinary)
  • Experience in passing on knowledge in a structured way
  • Experience of stakeholder engagement and management
Nice-to-have skills and experience
  • Understanding of SAML
  • Previous experience in local or central government
  • Experience of Kanban

How suppliers will be evaluated

How suppliers will be evaluated
Opportunity attribute name Opportunity attribute value
How many suppliers to evaluate 3
Proposal criteria
  • Your approach to onboarding your team to the projects
  • Your management of proposed flexible team resources
  • Your approach to defining technical architecture and software architecture in a context of legacy systems and a drive towards efficiency
  • Your approach to data privacy and security
  • How you've identified risks and dependencies and offered approaches to manage them
Cultural fit criteria
  • Commitment to excellence
  • Culture of taking responsibility for owning issues and resolving and problems
  • Your approach to transferring knowledge and experience to civil servants to support learning from this engagement.
  • Understanding of Agile and Lean methodologies and ways of working
Payment approach Time and materials
Assessment methods
  • Written proposal
  • Work history
  • Presentation
Evaluation weighting

Technical competence

65%

Cultural fit

15%

Price

20%

Questions asked by suppliers

Questions asked by suppliers
Supplier question Buyer answer
1. We have a number of staff that have sc clearance. However, there are some others that we would like to put in the team who are not. Would you sponsor their clearance as part of this project? It is preferred that candidates already have SC clearance. If not currently held, candidates must be willing to undertake the SC clearance process. As the DOS requirement made it clear that SC clearance is required then suppliers are required to pay and arrange for that security clearance themselves to become eligible and compliant to perform the contract.

We can however arrange for special dispensation to allow suppliers to begin their contract and allow them onsite whilst the security process is underway. A caveat to this is that the suppliers contract would be terminated if SC clearance was not granted.
2. Is it possible to share the output of Discovery? No, this procurement is for ongoing work to augment an existing team of civil servants, and the procured team will not be delivering in isolation. We have a detailed plan for future work.
3. Can you confirm that you expect this work/team to be outside IR35? Yes this team will be outside of IR35
4. Do you have an associated budgetary figure for this piece of work? The budget has been left blank intentionally; we will assess the price suppliers provide using the evaluation weighting we have disclosed on the requirements.
5. Will this form a single team or will people be distributed across different Verify teams? The expectation is that the team will be mainly working on eIDAS but on occasion may be split across various areas of work, working within various product teams
6. Please can you explain more about what the technical analyst role would entail? It's not one of the standard roles on https://www.gov.uk/government/collections/digital-data-and-technology-job-roles-in-government as far as we're aware so would be helpful to understand your expectations for what they'd be doing. The role of the technical analyst is to take technical requirements and help translate them into pieces of work to be played by the developers. This role involves speaking to technical architects, product owners and developers both inside GDS and across the wider european eIDAS project.
7. Please can you explain more about what the technical analyst role would entail? It's not one of the standard roles on https://www.gov.uk/government/collections/digital-data-and-technology-job-roles-in-government as far as we're aware so would be helpful to understand your expectations for what they'd be doing. The role of the technical analyst is to take technical requirements and help translate them into pieces of work to be played by the developers. This role involves speaking to technical architects, product owners and developers both inside GDS and across the wider european eIDAS project.
8. Experience of pipeline creation and hardening for services" Can you clarify what is meant by pipeline? Is it a software pipeline implementation e.g. a "stream", or is it a DevOps like software automated build and deployment/delivery pipeline or something else? Pipeline in this context would be "release pipeline". Hardening for services is a separate thing.