Provision of an Integrated Risk Management SaaS Solution

Electricity Supply Board (ESB)

The contracting entity intends to procure a contract to supply, implement and host an integrated Risk Management SaaS solution.
Integrated risk management enables simplification, automation and integration of strategic, operational and IT risk management processes and data. Integrated Risk Management (IRM) solutions combine technology, processes and data that fulfil the objective of enabling the simplification, automation and integration of strategic, operational and IT risk management across the organization.
Applicants must be able to provide an Integrated Risk Management SaaS solution across the following use cases;
— vulnerability risk management
— information and Cybersecurity risk management
— incident management
— vendor risk management
— GDPR Compliance risk management
— policy management
— enterprise risk management
— NIS Regulation Compliance Risk Management.

Deadline
The time limit for receipt of tenders was 2018-12-07. The procurement was published on 2018-11-05.

Who?

• Electricity Supply Board (ESB)

What?

• IT services: consulting, software development, Internet and support

Where?

• Eastern and Midland › Dublin

Procurement history

Date	Document
2018-11-05	Contract notice

Contract notice (2018-11-05)
Contracting authority
Name and addresses
Name: Electricity Supply Board (ESB)
National registration number: N/a
Postal address: 2 Gateway
Postal town: Dublin 3
Postal code: East Wall Road
Country: Ireland 🇮🇪
Contact person: Stephen Lawton
Phone: +353 17026836 📞
E-mail: stephen.lawton@esb.ie 📧
Region: Dublin 🏙️
URL: http://www.esb.ie 🌏
Address of the buyer profile: https://irl.eu-supply.com/ctm/Company/CompanyInformation/Index/377 🌏
Communication
Documents URL: http://irl.eu-supply.com/app/rfq/rwlentrance_s.asp?PID=137514&B=ETENDERS_SIMPLE 🌏
Participation URL: http://irl.eu-supply.com/app/rfq/rwlentrance_s.asp?PID=137514&B=ETENDERS_SIMPLE 🌏

Object
Scope of the procurement
Title: Provision of an Integrated Risk Management SaaS Solution SSCON4220
Products/services: IT services: consulting, software development, Internet and support 📦
Short description:
“The contracting entity intends to procure a contract to supply, implement and host an integrated Risk Management SaaS solution. Integrated risk management...”

1️⃣
Additional products/services: IT services: consulting, software development, Internet and support 📦
Place of performance: Dublin 🏙️
Main site or place of performance: Dublin
Description of the procurement:
“The contracting entity intends to procure a contract to supply, implement and support an Integrated risk management SaaS solution. The successful provider...”

Description of the procurement

The contracting entity intends to procure a contract to supply, implement and support an Integrated risk management SaaS solution.
The successful provider will already have delivered a similar solution to industries to the scale and requirements that are being sought by ESB and outlined below.
The risk management software solution will be required to deliver the following capabilities:
— provision, implementation and support of a scalable Integrated Risk Management software solution to support and deliver cybersecurity risk management, policy risk management, GDPR Compliance risk management and NIS Regulation Compliance Risk Management.
— the Integrated Risk Management software solution must have KPI Monitoring/Reporting scorecard and dashboard, external data integration and performance metrics
— the Integrated Risk Management solution must be a cloud-based SaaS and be fully scalable (for future expansion if necessary), e.g. the solution must be able to cater for an increase in users and increasing data storage or processing power as required in future
— the requirement is to support and deliver the following:
—— information and Cybersecurity risk management,
—— GDPR compliance risk management,
—— policy management,
—— vendor risk management,
—— NIS Regulation Compliance risk Management,
— at a later stage, the solution must be able to provide:
—— vulnerability risk management,
—— incident management,
—— enterprise risk management.
The proposed solution must have all requirements outlined above at present, but they will be drawn down at a later stage.
There will potentially be 122 users of the solution, split between 20 Power Users, 100 users with standard access, and 2 administrators

Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
Duration of the contract, framework agreement or dynamic purchasing system
The time frame below is expressed in number of months.
Description
Duration: 36
Information about the limits on the number of candidates to be invited
Envisaged minimum number: 5
Information about options
Options ✅
Description of options:
“It is envisaged the term of the contract commences on the date when services commence and shall be for a period of up to 36 months with an option to extend...”
Description
Additional information:
“Please refer to the individual instructions for submission of bids relevant to each tender issued via the system.”

Legal, economic, financial and technical information
Conditions for participation
List and brief description of conditions:
“As stated in Procurement Qualification Questionnaire (PQQ) available to download from www.etenders.gov.ie using RFT ID 141896.”
Economic and financial standing
List and brief description of selection criteria:
“As stated in Procurement Qualification Questionnaire (PQQ) available to download from www.etenders.gov.ie using RFT ID 141896.”
Technical and professional ability
List and brief description of selection criteria:
“As stated in Procurement Qualification Questionnaire (PQQ) available to download from www.etenders.gov.ie using RFT ID 141896.”
Conditions for participation
Deposits and guarantees required: Will be set out in the RFT.
Main financing conditions and payment arrangements and/or reference to the relevant provisions governing them: Will be set out in the RFT.
Legal form to be taken by the group of economic operators to whom the contract is to be awarded:
“As stated in Pre-qualification Questionnaire (PQQ) available to download from http://www.etenders.gov.ie/ using RFT ID 141896.”
Conditions related to the contract
Contract performance conditions: Will be set out in the RFT.

Procedure
Type of procedure
Negotiated procedure with prior call for competition
Administrative information
Time limit for receipt of tenders or requests to participate: 2018-12-07 12:00 📅
Languages in which tenders or requests to participate may be submitted: English 🗣️

Complementary information
Information about electronic workflows
Electronic ordering will be used
Electronic payment will be used
Additional information

“1) Interested parties must register their interest on the eTenders website (http://www.etenders.gov.ie/) in order to be included on the mailing list for...”

1) Interested parties must register their interest on the eTenders website (http://www.etenders.gov.ie/) in order to be included on the mailing list for clarifications. All information relating to attachments, including clarifications and changes, will be published on the Irish Government Procurement Opportunities Portal (http://www.etenders.gov.ie/) only. Registration is free of charge. The contracting entity will not accept responsibility for information relayed (or not relayed) via third parties;
2) This is the sole call for competition for this service;
3) The contracting entity will not be responsible for any costs, charges or expenses incurred by candidates or tenderers;
4) Contract award will be subject to the approval of the competent authorities;
5) It will be a condition of award that candidates are tax compliant;
6) If for any reason it is not possible to admit to the contract one or more of the tenderers invited following the conclusion of this competitive process, or having awarded a contract, the contracting entity reserves the right to invite the next highest scoring tenderer to join the contract and/or deliver the contract as appropriate to the circumstances pertaining to said contract;
7) At its absolute discretion, the contracting entity may elect to terminate this procurement process at any time;
8) Please note in relation to all documents, that where reference is made to a particular standard, make, source, process, trademark, type or patent, that this is not to be regarded as a de facto requirement. In all such cases, it should be understood that such indications are to be treated strictly and solely for reference purposes only, to which the words "or equivalent" will always be appended;
9) Without prejudice to the principle of equal treatment, the contracting entity is not obliged to engage in a clarification process in respect of questionnaires with missing or incomplete information. Therefore, candidates are advised to ensure that they return fully completed questionnaires in order to avoid the risk of elimination from the competition;
10) At Section II.2.9 we have indicated that 5 will be invited to tender, please note that the contracting entity reserves the right to invite at least 5, subject to that number qualifying.

Review body
Name: Chief Registrar
Postal address: Four Courts, Inns Quay
Postal town: Dublin 7
Country: Ireland 🇮🇪
Phone: +353 18886000 📞
URL: http://www.courts.ie 🌏
Review procedure
Precise information on deadline(s) for review procedures:
“The contracting entity will not conclude this contract until after the expiry of the standstill period which commences on the day following the date of...”
Service from which information about the review procedure may be obtained
Name: Consult a Legal Advisor
Postal town: Ireland
Country: Ireland 🇮🇪
Source: OJS 2018/S 214-491147 (2018-11-05)

New procurements in related categories 🆕

IT services: consulting, software development, Internet and support