Home Office

CyberArk Implementation Partner

Incomplete applications

Incomplete applications
2 SME, 0 large

Completed applications

Completed applications
2 SME, 5 large
Important dates
Opportunity attribute name Opportunity attribute value
Published Friday 8 December 2017
Deadline for asking questions Friday 15 December 2017 at 11:59pm GMT
Closing date for applications Friday 22 December 2017 at 11:59pm GMT


Opportunity attribute name Opportunity attribute value
Summary of the work An implementation partner is required to perform a full implementation of an existing CyberArk solution, and subsequently work with relevant Home Office stakeholders to transition it to live service.
Latest start date Thursday 15 February 2018
Expected contract length Up to 2 years (with initial SoW for 6 Months)
Location London
Organisation the work is for Home Office
Budget range upto £1m for the contract and £200k-£350k for the initial SOW

About the work

About the work
Opportunity attribute name Opportunity attribute value
Why the work is being done A recent risk assessment of the Home Office’s top systems highlighted the need to implement a privileged access management solution, in order to:
• Strengthen the security posture of the Home Office by protecting from cyber attacks relating to privileged accounts.
• Establish an effective privileged account management capability.
• Implement the principle of least privilege by ensuring that privileged access is only used when required and is revoked when not required.
• Limit and control the access of privileged accounts or administrative credentials.
• Implement a full audit trail for all privileged account activities.
Problem to be solved The Home Office has previously completed a proof of concept, product selection and procurement of CyberArk’s Privileged Account Security Solution.

An implementation partner is now required to complete a full implementation of a defined set of modules of the CyberArk product-suite in the Home Office data centre and public cloud environments using the existing licence base. This work will be delivered under multiple stages.

The implementation partner will then be required to work with relevant Home Office stakeholders to transition the new capability into live service and fully on-board the first team designated to receive the new capability (~10 users).
Who the users are and what they need to do As Cyber Risk Owner, I want to ensure that effective controls are in place over the access and usage of privileged accounts and credentials so that I can reduce the level of cyber risk to the organisation

As a Network Infrastructure engineer, I want to elevate my privileges on the network devices that I manage remotely from my endpoint so that I can access the administrative functionality to configure them

As System Administrator, I want to limit restrict privileged users to perform only specific commands or functions so that users can only perform actions that they are authorised to do
Early market engagement
Any work that’s already been done • Initial proof of concept on CyberArk product in January 2017
• Project mobilisation and stakeholder discovery
• Purchase of CyberArk licences
• Discovery phase
• Hardware installation at Home Office Data Centre 1 & 2
Existing team The CyberArk Implementation Partner will be working as part of an ongoing programme of works, working in partnership with the programme team to deliver the work package.

The existing team is composed of a Home Office programme team and additional technical resources provided by an existing delivery partner, working as part of a larger programme of works. The supplier will also be required to work with multiple Home Office stakeholders to implement the capability and transition it to live service
Current phase Discovery

Work setup

Work setup
Opportunity attribute name Opportunity attribute value
Address where the work will take place The team will be delivering output and digital outcomes primarily with a team located in Croydon and central London. Travel to other Departmental locations in the UK may be required.
Working arrangements The supplier’s team will be required to be located on site for five days (40 hours) per week, whether alongside the programme team in Croydon, or at a Departmental location around the UK.

Occasional travel to regional sites may be required. Day rates will be inclusive of travel and subsistence expenses within M25/Greater London. Travel and subsistence expenses incurred from travel outside of the M25/Greater London will be subject to Home Office Travel and Subsistence Policy.
Security clearance Individuals in the supplier’s team will require SC clearance, or be willing to undergo SC clearance checks. SC clearance needs to have been achieved before work can commence.

Additional information

Additional information
Opportunity attribute name Opportunity attribute value
Additional terms and conditions Standard DOS framework and call-off terms and conditions will apply.

This contract will consist of multiple phases and a statement of work will be created for each phase. Further details to be provided in the RFP.

Bidders who have succeeded in reaching the shortlist will be required to sign a Non-disclosure agreement in order to receive the full RFP documentation.

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Skills and experience
Opportunity attribute name Opportunity attribute value
Essential skills and experience
  • Experience of successful implementations (including testing and deployment) of CyberArk-based solutions in the last three years
  • Experience of successfully delivering complex end-to-end software solutions in large public sector organisations
  • Demonstrable knowledge of Privileged Access Management best practice methodologies and tools
  • Demonstrate ability to mobilise an experienced CyberArk implementation team with relevant certifications within the timescales and to manage their performance over the entire contract duration
  • Have demonstrable knowledge of networking technologies (including but not limited to HTTPS, RDP, SSH)
  • Have demonstrable experience of collaborative working with a client's ‘in-house’ teams and external delivery partners, including coaching and mentoring, delivery of training, and knowledge sharing
  • Have demonstrable experience of transitioning systems to live service, implementing new working processes for impacted teams, and providing a full knowledge transfer to the end customer
Nice-to-have skills and experience
  • Evidence of CyberArk Partner Status (Platinum or Gold)
  • Experience of successful implementation of CyberArk in both an on-premises data centre and in AWS.
  • Demonstrable experience of sever build and configuration in on premises data centres

How suppliers will be evaluated

How suppliers will be evaluated
Opportunity attribute name Opportunity attribute value
How many suppliers to evaluate 4
Proposal criteria
  • Provision of an implementation plan for estimated timeframes for the work, with approach to managing risks and dependencies
  • Proposed implementation team structure, with CVs outlining relevant experience of each member of the proposed team
  • Proposed approach to mobilisation of implementation team
  • The proposed approach and methodology, and how these meet the requirements
  • Provision of a case study where your company have implemented some or all of the CyberArk product suite
  • Provision of case study where your company have transitioned a system into live service.Approach to ensuring value for money
Cultural fit criteria
  • Ability to function effectively and collaborate in a multi-supplier environment
  • Working successfully in complex public sector organisations
  • Approach to proactive issue management, problem resolution and improving ways of working
  • Ensure consistency of staff and skills for the expected duration of the contract
Payment approach Fixed price
Assessment methods
  • Written proposal
  • Case study
  • Reference
  • Presentation
Evaluation weighting

Technical competence


Cultural fit




Questions asked by suppliers

Questions asked by suppliers
Supplier question Buyer answer
1. Proposal criteria: Is 'approach for ensuring value for money' a seperate criteria ? Yes. Please note "Provision of case study where your company have transitioned a system into live service.Approach to ensuring value for money" should be split into two different bullet points i.e. A) Provision of case study where your company have transitioned a system into live service; B) .Approach to ensuring value for money
2. 1) Is this T&M or outcome based? 2) How many personnel is required of the supplier? 3) When will be the award of this time 4) Has there been any implementation of CyberArk? 5) What outstanding work is required of the new supplier? 1) Outcome based.
2) The next phase ITT will include our requirements that will detail the expected outcomes. As this is not a T&M based contract, we will not be able to provide details on number of personnel (but expect bidders to propose as part of their solution in the next stage )
3) By early march.
4) No, although some hardware has been installed in the Home Office data centres and licences have already been procured. Some discovery work has also taken place.
5) Full implementation, including transition into live service. Further detail will be provided in the RFP.