Ministry of Defence

Cyber Vulnerability Investigations (CVI) Above Secret Study

Incomplete applications

11
Incomplete applications
9 SME, 2 large

Completed applications

8
Completed applications
7 SME, 1 large
Important dates
Opportunity attribute name Opportunity attribute value
Published Wednesday 24 January 2018
Deadline for asking questions Friday 26 January 2018 at 11:59pm GMT
Closing date for applications Wednesday 31 January 2018 at 11:59pm GMT

Overview

Overview
Opportunity attribute name Opportunity attribute value
Specialist role Business analyst
Summary of the work Conduct of a study to inform future Cyber Vulnerability Investigation (CVI) delivery at different security tiers.
Latest start date Monday 19 February 2018
Expected contract length Until 31st March 2018
Location South West England
Organisation the work is for Ministry of Defence
Maximum day rate To get a better understanding of the market and to ensure the best value for money is obtained, we do not wish to disclose our maximum day rate

About the work

About the work
Opportunity attribute name Opportunity attribute value
Early market engagement None
Who the specialist will work with The team is a mixture of military, civilian and external contractors. The task will also involve engagement with industry partners delivering CVI's
What the specialist will work on -Understand working practices to establish the security requirements for the future working of the CVI Ops Cell.
-Assess current requirements for storage, management and exploitation CVI outputs at S and AS security tiers and associated impacts/risks, including that of aggregation and accessibility
-Review processes, focusing on current security requirements, and recommend how these processes may need to be adapted
-Engage with industry to understand the feasibility and impact for them to conduct all CVI business at different security tiers.
-Deliver an options analysis for how CVI Ops Cell activity can be conducted going forward,taking into account recommendations and requirements developed

Work setup

Work setup
Opportunity attribute name Opportunity attribute value
Address where the work will take place Work will predominantly take place from MOD Corsham.

The winning bidder will also need to engage with stakeholders at other MOD sites such as MOD Main Building and Cheltenham.

Industry engagement will be required with current CVI suppliers at various locations.

Remote working may be possible on occasions providing the individual has access to an appropriately secure List X environment. This would need to be agreed with MOD before this could take place.
Working arrangements On average, an individual should expect to be on site at MOD Corsham for three days a week in order to engage with the Ops Cell. The other two days will be spent meeting with stakeholders at other sites e.g. MOD Main Building, Cheltenham and CVI supplier sites.

No expenses will be paid. Any envisaged expenses should be accounted for in an individuals day rate.
Security clearance Due to the nature of the work and the environment in which it is situated, the individual will be required to hold DV clearance before they can start work.

Additional information

Additional information
Opportunity attribute name Opportunity attribute value
Additional terms and conditions This role has been judged to be outside of IR35.

The weightings given for the technical competences / cultural fit will be used at both the shortlisting and evaluation phases

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Skills and experience
Opportunity attribute name Opportunity attribute value
Essential skills and experience
  • Have experience analysing business processes and information flows (30%)
  • Have experience in assessing and improving business process and systems within large, complex organisations (20%)
  • Experience of planning and costing business change (20%)
Nice-to-have skills and experience
  • Understand the MOD's approach to Defensive Cyber Operations and the Cyber Vulnerability Investigation capability (10%)
  • Understanding of the MOD Defence Lines of Development (DLOD) approach (10%)
  • Previous experience of working on cyber defence projects (5%)
  • Have ability to evaluate information and present in such a way that is easily understood by the target audience, including through written and oral communication (5%)

How suppliers will be evaluated

How suppliers will be evaluated
Opportunity attribute name Opportunity attribute value
How many specialists to evaluate 3
Cultural fit criteria
  • Quickly form good working relations in order to elicit in-depth business analysis (30%)
  • Ability to ascertain information to support business analysis through effective communication techniques (30%)
  • Values and behaviors in line with MOD core values (40%)
Assessment methods
  • Work history
  • Reference
  • Interview
Evaluation weighting

Technical competence

60%

Cultural fit

20%

Price

20%

Questions asked by suppliers

Questions asked by suppliers
Supplier question Buyer answer
1. Is there scope to extend beyond 31st March? No. Work must be completed by 31st March
2. Do you expect the contract will be extended beyond the end of March 2018 please? No. Work must be completed by 31st March
3. Is this role likely to go on beyond March 31st? No. Work must be completed by 31st March
4. Is there currently, or has there recently been, an incumbent carrying out similar work for the Authority? No. This is a new task