Cabinet Office, plus all government departments

Organisational Design for Transforming Government Security programme

Incomplete applications

Incomplete applications
2 SME, 3 large

Completed applications

Completed applications
4 SME, 9 large
Important dates
Opportunity attribute name Opportunity attribute value
Published Thursday 1 March 2018
Deadline for asking questions Thursday 8 March 2018 at 11:59pm GMT
Closing date for applications Thursday 15 March 2018 at 11:59pm GMT


Opportunity attribute name Opportunity attribute value
Summary of the work Involvement strategy for frontline and management staff in the organisational design
Establish and agree a common target operating model template for CSUs across all four clusters and the Government Security Group.
Develop an implementation planning approach for CSUs to move from their current state to the target operating model.
Latest start date Monday 16 April 2018
Expected contract length 2 years (maximum)
Location London
Organisation the work is for Cabinet Office, plus all government departments
Budget range £1 million

About the work

About the work
Opportunity attribute name Opportunity attribute value
Why the work is being done The Transforming Government Security programme aims to improve the way it does protective security through setting up:

A Government Security Function
Four Cluster Security Units
Security data, standards and compliance
Security profession
Simplified landscape for common security providers.
Problem to be solved Involvement strategy for frontline and management staff in the organisational design - develop strategy for CSUs to involve staff, particularly those most affected by the change.
Target operating model - governance, structure, accountabilities, common model.
Implementation planning approach - for the move from current to future model, templates and plans.
Challenge function for the four Cluster Security Units as they are designed - questioning things that have not yet been considered, bringing external expertise
This will involve getting to know each Cluster Security Unit and understanding their differences before leaping into design. The focus will be on cyber security.
Who the users are and what they need to do Frontline security staff who need to support the shape of the Cluster Security Units and feel part of the new organisations.
Senior management in the Cluster Security Units who need to understand what the new organsiation will look like and how it is going to work.
Government Security Group who need to understand how security is going to work across the whole of government in the new model.
Early market engagement
Any work that’s already been done The Cabinet Office Organisational Design team have worked with several departments to develop a set of design principles.
Finyx have delivered some organisational design support to Cluster 1 (with HMRC) and Cluster 2 (with Home Office).
Existing team There is a central programme team, based in the Cabinet Office, running the Transforming Government Security programme. They will be the key point of contact initially. There are also four programme teams in each of the Cluster Security Units, based in HMRC, Home Office, DWP, MOD and FCO. They will be the key points of contact for work with each cluster.
Current phase Beta

Work setup

Work setup
Opportunity attribute name Opportunity attribute value
Address where the work will take place The location is primarily London, however, there will be frequent travel to other locations as required, particularly to support DWP and MOD which have large operations outside of London. This may mean spending time in Birmingham, Telford, Manchester and Leeds.
Working arrangements Four full time people are expected to spend most of their time based with the project teams in Cabinet Office, HMRC, Home Office, DWP, MOD and FCO. It will not necessarily be four people at the same time - the work may be spread out over a longer period of time. The strong preference is that the people involved are consistent throughout the project.
Security clearance CTC may be required.

Additional information

Additional information
Opportunity attribute name Opportunity attribute value
Additional terms and conditions

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Skills and experience
Opportunity attribute name Opportunity attribute value
Essential skills and experience
  • Experience of delivering organisational design projects in government
  • Experience of working on government change programmes
Nice-to-have skills and experience
  • Experience of working in protective security
  • Experience of working with frontline operational staff and senior management

How suppliers will be evaluated

How suppliers will be evaluated
Opportunity attribute name Opportunity attribute value
How many suppliers to evaluate 3
Proposal criteria
  • How the approach or solution meets user needs
  • Value for money
  • Team structure
  • Estimated timeframes for the work
Cultural fit criteria
  • Work as a team with the government departments
  • Share knowledge and experience with other team members
  • Provide a consistent set of team members to support the work
  • Be as comfortable working with operational frontline staff as senior management
  • Bring expertise from outside government, as well as existing government experience
Payment approach Time and materials
Assessment methods
  • Written proposal
  • Case study
  • Work history
  • Presentation
Evaluation weighting

Technical competence


Cultural fit




Questions asked by suppliers

Questions asked by suppliers
Supplier question Buyer answer
1. Is this a fixed price contract? No. This is time and materials. The maximum total spend across the life of the project is £1 million. The money will be gated and paid time and materials for each phase.
2. Can you please confirm that being selected for this work would not exclude the successful supplier from delivering any future work associated with the Cluster Security Units resulting from this? No
3. Are the four people that you envisage needing to be cyber security experts or organisational design experts or both skill sets combined? Four people is a guide, not a hard requirement. It may be that the skill sets change as the task evolves. The priority however is that good relationships can be built with these individuals and they can carry the learning across the whole piece of work. I expect they would primarily be organisational design experts, rather than cyber security experts, but any experience of security would be a bonus.
4. Does your definition of protective security cover the full security cycle consisting of Prepare, Detect, Protect, Respond and Recover domains? Corporate protective security is the combination of physical, personnel and people, information, technology and cyber security measures that enables an organisation to protect itself against security threats to Government assets and people.