FOI release

SIA security incident event management contract

Published 21 December 2022

© Crown copyright 2022

This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.

Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.

This publication is available at https://www.gov.uk/government/publications/sia-security-incident-event-management-contract/sia-security-incident-event-management-contract

1. Request

Please provide details for the following contract: Security Incident Event Management

The details we require are:

  1. What are the contractual performance KPI’s for this contract?
  2. Suppliers who applied for inclusion on each framework/contract and were successful & not successful at the PQQ & ITT stages
  3. Actual spend on this contract/framework (and any sub lots), from the start of the contract to the current date
  4. Start date & duration of framework/contract?
  5. Could you please provide a copy of the Invitation to Tender/Further Competition supplied to all bidders for when this contract was last advertised?
  6. Could you provide a copy of the winning bidders Invitation to Tender/Further Competition?
  7. Is there an extension clause in the framework(s)/contract(s) and, if so, the duration of the extension?
  8. Has a decision been made yet on whether the framework(s)/contract(s) are being either extended or renewed?
  9. Who is the senior officer (outside of procurement) responsible for this contract?
  10. In addition to your SIEM service do you have a service in place to remediate in the event of a security breach?

2. Response

  1. This information is attached.

  2. Softcat and Quorum were the two suppliers that the SIA looked at. The only supplier that showed an initial interest via a G Cloud clarification process was Quorum. The primary decision to not move forward with this supplier was because the SIA needed a greater presence within Microsoft Azure. Microsoft Azure were able to provide professional services to build out the environment for us and the SIA would then bear the compute costs for the solution. They would then provide a security operations service by integrating into the Azure instance of Sentinnel via Azure Lighthouse. Given the whole life costs we explored a solution that could operate within our existing UK Cloud platform.

  3. £81,436.80 is the actual spend of this contract to date, there is no sub lots.

  4. 30 April 2021 – 29 April 2023 (24 months)

  5. The SIA is not able to provide this information as it is commercially sensitive. Bidders for this contract signed a Non-Disclosure Agreement before being sent the Request for Proposal.

  6. The SIA is not able to provide this information as it is commercially sensitive. Moreover, contractually the SIA are not obliged to disclose this.

  7. 12 months.

  8. Not yet.

  9. Outside of procurement, the senior officer responsible for this contract is the Head of Finance and Procurement. The relevant inbox is: procurement@sia.gov.uk

  10. In regard to our SIEM service, our managed security service provider offer a detect facility only. The notification of any potential breaches, and investigation/remediation is carried out by internal SIA staff members.

[Reference: FOI 0377]

Back to top