Awarded to Made Tech Ltd

Start date: Monday 23 October 2017
Value: £64,800
Company size: SME

Government Digital Service

WP1454v2: GOV.UK Broken link checking tool. Reissue WP1454 amended.

3 Incomplete applications

2 SME, 1 large

5 Completed applications

5 SME, 0 large

• Published: Friday 25 August 2017
• Deadline for asking questions: Friday 1 September 2017 at 11:59pm GMT
• Closing date for applications: Friday 8 September 2017 at 11:59pm GMT

Overview

• Summary of the work: Improve upon and integrate a pre-existing Ruby link checker tool to check the validity of external links from all content on GOV.UK by reading from a RabbitMQ message bus. They will be working with a multidisciplinary team including GOV.UK developers
• Latest start date: Monday 23 October 2017
• Expected contract length: Approximately five months. Not beyond 31/03/2018
• Location: London
• Organisation the work is for: Government Digital Service
• Budget range: £56,000 - £67,000 excluding VAT

About the work

• Why the work is being done: GOV.UK must be a trusted source for users. Their safety, security and privacy must be protected while using the site.
• Problem to be solved: Links to other sites on GOV.UK may break or the destination domains may be hijacked by malicious actors. Consequently malicious actors have the potential to direct users to expose private information. Content staff and publishers need to be able to monitor these links and fix them if they break.The work is expected to take no longer than 8 weeks. The milestone deliverables are: Integrate with daily feed from GOV.UK site crawler, Integrate with feed of changed content, Discovery and implementation of additional link checks, Record results of tests, Display results of tests, Set up automated reporting of results of tests
• Who the users are and what they need to do: As a citizen I need to be able to trust links I click on GOV.UK so that I'm not tricked into disclosing my information to attackers
• Early market engagement: None
• Any work that’s already been done: GOV.UK has a Link Checker API that accepts a URL and checks that it doesn't 404. It has been integrated with our Local Links Manager application which staff from local authorities use to update links from GOV.UK to services on their sites. GOV.UK has two RabbitMQ-based feeds of content which could be used to drive the checker. One is a nightly crawler which detects URLs on each page. The other is a live feed of newly published content.
• Existing team: The team that built the Alpha API and integrated it with Local Links Manager will be available to provide context and assist with code reviews. The work will be coordinated by a Delivery Manager and overseen by a Senior Technologist and Product Manager from GOV.UK. Once familiar with the work, the supplier is encouraged to work remotely.
• Current phase: Live

Work setup

• Address where the work will take place: Government Digital Service, The White Chapel Building, 10 Whitechapel High Street, London, E1 8QS
• Working arrangements: The team should work in the GDS office for an initial period to gain context, but are encouraged to work remotely afterwards. Fortnightly check in meetings on progress are required.; The intermediaries legislation doesn't apply to this engagement: this is out of scope for IR35.
• Security clearance: SC Clearance is required

Additional information

• Additional terms and conditions: Cabinet Office (CO) Travel and Subsistence policy will apply. All expenses must be pre-agreed with between the parties and must comply with the CO T&S policy.

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

• Essential skills and experience:
  • 3+ years experience with Ruby on Rails
  • 2+ years experience working in a Continous Integration environment
  • 2+ years experience working with Git hub
  • 2+ years experience with Test Driven Development
  • 2 + years experience of working with RabbitMQ
• Nice-to-have skills and experience:
  • Understanding of GDS product and service development phases
  • Examples of experience with Rest APIs
  • Examples of mitigating common web security issues
  • Understanding of TLS/SSL and how it relates to the problem
  • Understanding of wider government web ecosystem and how it relates to the problem
  • Understanding of local government web ecosystem and how it relates to the problem

How suppliers will be evaluated

• How many suppliers to evaluate: 3
• Proposal criteria:
  • Technical solution
  • Approach and methodology
  • How the approach or solution improves the safety and security of users
  • How the approach or solution meets the needs of publishers
  • Estimated timeframes for the work
  • How they’ve identified risks and dependencies and offered approaches to manage them
  • Team structure
  • Value for money
  • Suggestions of checks to perform against URLs
  • Suggestions of ways to report issues back to the most relevant publisher
• Cultural fit criteria:
  • Evidence of experience working in an Agile environment
  • Evidence of experience reporting progress to Senior Management on a regular basis
  • Experience communicating with other developers via Slack or similar tools
  • Demonstrated understanding of the need to ask well defined questions of other developers
  • Examples of sharing acquired knowledge with other developers
  • Experience of pair or mob programming and understanding of the benefits
• Payment approach: Time and materials
• Assessment methods:
  • Written proposal
  • Work history
  • Presentation
• Evaluation weighting:

  Technical competence

  70%

  Cultural fit

  10%

  Price

  20%

Questions asked by suppliers

• 1. Is the team that built the Alpha an in-house team or an interim team?: An In-house team
• 2. Can you give an indication of how many Developers you would expect to be doing this work?: We estimate that we will require 1 to 3 developers
• 3. Is there an incumbent supplier who has been involved with the work on the alpha API?: No