Cyber Security Testing Services (CSTS)
EirGrid plc
Driven by the ongoing development of our information security framework and business transformation programmes, EirGridโs Information Security function has established a security testing and a security risk assessments reporting regime. The aim of the reporting regime is to provide EirGrid with the following:
1) Vulnerability assessment with the associated exposures inherent within their current infrastructure;
2) Comprehensive risk analysis and recommendations, including a remediation plan;
3) Security audit, security reviews and test details, including applied methodology.
In keeping with its position in the industry EirGrid maintains a modern IT infrastructure comprising the following technologies:
โ Servers: physical and virtua, Linux, Unix, Windows,
โ desktop: Workstation and Laptop, Windows,
โ databases: oracle and MSQL,
โ network: routers, switches, firewalls, load balancers and gateways,
โ cloud services.
The time limit for receipt of tenders was 2019-03-04. The procurement was published on 2019-01-28.
SuppliersThe following suppliers are mentioned in award decisions or other procurement documents:
- โข Ernst and Young
- โข EirGrid plc
- โข Information systems or technology strategic review and planning services โบ Information technology services
- โข Eastern and Midland โบ Dublin
- โข Northern Ireland โบ Belfast
Procurement history
| Date | Document |
|---|---|
| 2019-01-28 | Contract notice |
| 2020-04-23 | Contract award notice |
Contract notice (2019-01-28)
Object
Scope of the procurement
Title: Information technology services
Reference number: ENQEIR653
Short description:
Notice metadata
Original language: English ๐ฃ๏ธ
Document type: Contract notice
Nature of contract: Services
Regulation: European Union, with participation of GPA countries
Common procurement vocabulary (CPV)
Code: Information technology services ๐ฆ
Additional CPV: Information technology services ๐ฆ
Place of performance
NUTS region: Belfast ๐๏ธ
Procedure
Procedure type: Negotiated procedure
Type of bid: Submission for all lots
Award criteria
The most economic tender
Contracting authority
Identity
Country: Ireland ๐ฎ๐ช
Awarding authority type: Utilities entity
Awarding authority name: EirGrid plc
Postal address: Block 2 โ The Oval, 160 Shelbourne Road
Postal code: Dublin 4
Postal town: Ballsbridge
Contact
Internet address: http://www.eirgrid.com ๐
E-mail: paul.valentine@eirgrid.com ๐ง
Phone: +353 12370200 ๐
URL for documents: http://irl.eu-supply.com/app/rfq/rwlentrance_s.asp?PID=141234&B=ETENDERS_SIMPLE ๐
URL for participation: http://irl.eu-supply.com/app/rfq/rwlentrance_s.asp?PID=141234&B=ETENDERS_SIMPLE ๐
Reference
Dates
Date dispatched: 2019-01-28 ๐
Submission deadline: 2019-03-04 ๐
Publication date: 2019-01-31 ๐
Identifiers
Notice number: 2019/S 022-048945
OJ-S issue: 22
Additional information
Object
Scope of the procurement
Short description:
Estimated total value: 640 000 EUR ๐ฐ
Short description:
Estimated value excluding VAT: 640 000 EUR ๐ฐ
Duration: 36 months
Description of options:
Place of performance
Main site or place of performance: Dublin, Belfast.
Legal, economic, financial and technical information
Conditions for participation
Suitability to pursue the professional activity:
Deposits and guarantees required:
Procedure
Legal basis: 32014L0025
Envisaged number of candidates: 5
Objective criteria for choosing the limited number of candidates:
Languages in which tenders or requests to participate may be submitted: English ๐ฃ๏ธ
Tender validity period: 12 months
Contracting authority
Identity
National registration number: N/a
Contact
Contact point: Paul Valentine
Address of the buyer profile: https://irl.eu-supply.com/ctm/Company/CompanyInformation/Index/219 ๐
Documents URL: http://irl.eu-supply.com/app/rfq/rwlentrance_s.asp?PID=141234&B=ETENDERS_SIMPLE ๐
Reference
Additional information
Complementary information
Review body
Name: The High Court
Postal address: Four Courts
Postal town: Dublin
Postal code: 7
Country: Ireland ๐ฎ๐ช
Phone: +353 18886000 ๐
Internet address: http://www.courts.ie ๐
Information about review deadlines:
Service from which information about the review procedure may be obtained
Name: Central office of the High Courts (Appeal Section)
Postal address: Ground Floor, East Wing, Inns Quay
Source: OJS 2019/S 022-048945 (2019-01-28)
Object
Scope of the procurement
Title: Information technology services
Reference number: ENQEIR653
Short description:
Driven by the ongoing development of our information security framework and business transformation programmes, EirGridโs Information Security function has established a security testing and a security risk assessments reporting regime. The aim of the reporting regime is to provide EirGrid with the following:
1) Vulnerability assessment with the associated exposures inherent within their current infrastructure;
2) Comprehensive risk analysis and recommendations, including a remediation plan;
3) Security audit, security reviews and test details, including applied methodology.
In keeping with its position in the industry EirGrid maintains a modern IT infrastructure comprising the following technologies:
โ Servers: physical and virtua, Linux, Unix, Windows,
โ desktop: Workstation and Laptop, Windows,
โ databases: oracle and MSQL,
โ network: routers, switches, firewalls, load balancers and gateways,
โ cloud services.
Show more
Original language: English ๐ฃ๏ธ
Document type: Contract notice
Nature of contract: Services
Regulation: European Union, with participation of GPA countries
Common procurement vocabulary (CPV)
Code: Information technology services ๐ฆ
Additional CPV: Information technology services ๐ฆ
Place of performance
NUTS region: Belfast ๐๏ธ
Procedure
Procedure type: Negotiated procedure
Type of bid: Submission for all lots
Award criteria
The most economic tender
Contracting authority
Identity
Country: Ireland ๐ฎ๐ช
Awarding authority type: Utilities entity
Awarding authority name: EirGrid plc
Postal address: Block 2 โ The Oval, 160 Shelbourne Road
Postal code: Dublin 4
Postal town: Ballsbridge
Contact
Internet address: http://www.eirgrid.com ๐
E-mail: paul.valentine@eirgrid.com ๐ง
Phone: +353 12370200 ๐
URL for documents: http://irl.eu-supply.com/app/rfq/rwlentrance_s.asp?PID=141234&B=ETENDERS_SIMPLE ๐
URL for participation: http://irl.eu-supply.com/app/rfq/rwlentrance_s.asp?PID=141234&B=ETENDERS_SIMPLE ๐
Reference
Dates
Date dispatched: 2019-01-28 ๐
Submission deadline: 2019-03-04 ๐
Publication date: 2019-01-31 ๐
Identifiers
Notice number: 2019/S 022-048945
OJ-S issue: 22
Additional information
1) Interested parties must register their interest on the eTenders website (www.etenders.gov.ie) in order to be included on the mailing list for clarifications. All information relating to attachments, including clarifications and changes, will be published on the Irish Government Procurement Opportunities Portal (www.etenders.gov.ie) only. Registration is free of charge. The Contracting Authority will not accept responsibility for information relayed (or not relayed) via third parties.
2) This is the sole call for competition for this service.
3) The Contracting Authority will not be responsible for any costs, charges or expenses incurred by candidates or tenderers.
4) Contract award will be subject to the approval of the competent authorities.
5) It will be a condition of award that candidates are tax compliant and are in a position to produce a valid tax clearance certificate or eTax Clearance from the Revenue Commissioners when requested.
6) If for any reason it is not possible to award the contract one or more of the tenderers invited following the conclusion of this competitive process, the contracting authority reserves the right to award the contract to the next ranked tenderer as appropriate.
7) At its absolute discretion, the contracting authority may elect to terminate this procurement process or any contract awarded.
8) Please note in relation to all documents, that where reference is made to a particular standard, make, source, process, trademark, type or patent, that this is not to be regarded as a de facto requirement. In all such cases it should be understood that such indications are to be treated strictly and solely for reference purposes only, to which the words โor equivalentโ will always be appended.
9) Without prejudice to the principle of equal treatment, the Contracting Authority is not obliged to engage in a clarification process in respect of questionnaires with missing or incomplete information. Therefore, candidates are advised to ensure that they return fully completed questionnaires in order to avoid the risk of elimination from the competition.
Show more
Object
Scope of the procurement
Short description:
Driven by the ongoing development of our information security framework and business transformation programmes, EirGridโs Information Security function has established a security testing and a security risk assessments reporting regime. The aim of the reporting regime is to provide EirGrid with the following:
Show more
1) Vulnerability assessment with the associated exposures inherent within their current infrastructure;
2) Comprehensive risk analysis and recommendations, including a remediation plan;
3) Security audit, security reviews and test details, including applied methodology.
In keeping with its position in the industry EirGrid maintains a modern IT infrastructure comprising the following technologies:
โ Servers: physical and virtua, Linux, Unix, Windows,
โ desktop: Workstation and Laptop, Windows,
โ databases: oracle and MSQL,
โ network: routers, switches, firewalls, load balancers and gateways,
โ cloud services.
Short description:
EirGrid intends to establish a single supplier framework. The Framework Agreement period will be for an initial duration of three (3) years with the option to extend yearly for up to five (5) years, subject always to the satisfactory performance of the member.
Show more
EirGrid require a security partner to provide the scope of services below. The scope of services is expected to include, but is not limited to:
โ Provision of Cyber Security Testing Services (CSTS) across EirGridโs IT Infrastructure to ensure security, confidentiality and integrity,
โ security testing will be primarily targeted at the externally visible infrastructure but some may be required to be internal,
โ security testing may be targeted at production and pre-production environments,
โ some CSTS may require re-testing to confirm the implementation of the remediation plan,
โ each security testing will be subject to individual scoping determined by EirGrid and agreed with the successful supplier, including โrules of engagementโ such as:
โโ type of security testing,
โโ targets,
โโ objectives (what can and cannot be done),
โโ scope (processes, website options, infrastructure, services that are off limits),
โโ progress reporting,
โโ entry points.
Duration: 36 months
Description of options:
The initial contract period envisaged is 3 years with the possibility to extend annually up to a further 5 years, subject always to the satisfactory performance of the supplier.
The estimated spend of 640 000 EUR is taking into account the full duration of the contract including the possible extensions.
Main site or place of performance: Dublin, Belfast.
Legal, economic, financial and technical information
Conditions for participation
Suitability to pursue the professional activity:
Please see information memorandum and pre-qualification questionnaire attached to this notice.
List and brief description of rules and criteria:
Please see information memorandum and pre-qualification questionnaire attached to this notice.
Contract execution
Deposits and guarantees required:
Please see information memorandum and pre-qualification questionnaire attached to this notice.
Main financing conditions and payment arrangements and/or reference to the relevant provisions governing them:
Please see information memorandum and pre-qualification questionnaire attached to this notice.
Legal form to be taken by the group of economic operators to whom the contract is to be awarded:
Please see information memorandum and pre-qualification questionnaire attached to this notice.
Contract performance conditions:
Please see information memorandum and pre-qualification questionnaire attached to this notice.
Procedure
Legal basis: 32014L0025
Envisaged number of candidates: 5
Objective criteria for choosing the limited number of candidates:
Please see information memorandum and pre-qualification questionnaire attached to this notice.
Time of receipt of tenders: 12:00
Languages in which tenders or requests to participate may be submitted: English ๐ฃ๏ธ
Tender validity period: 12 months
Contracting authority
Identity
National registration number: N/a
Contact
Contact point: Paul Valentine
Address of the buyer profile: https://irl.eu-supply.com/ctm/Company/CompanyInformation/Index/219 ๐
Documents URL: http://irl.eu-supply.com/app/rfq/rwlentrance_s.asp?PID=141234&B=ETENDERS_SIMPLE ๐
Reference
Additional information
1) Interested parties must register their interest on the eTenders website (www.etenders.gov.ie) in order to be included on the mailing list for clarifications. All information relating to attachments, including clarifications and changes, will be published on the Irish Government Procurement Opportunities Portal (www.etenders.gov.ie) only. Registration is free of charge. The Contracting Authority will not accept responsibility for information relayed (or not relayed) via third parties.
Show more
2) This is the sole call for competition for this service.
3) The Contracting Authority will not be responsible for any costs, charges or expenses incurred by candidates or tenderers.
4) Contract award will be subject to the approval of the competent authorities.
5) It will be a condition of award that candidates are tax compliant and are in a position to produce a valid tax clearance certificate or eTax Clearance from the Revenue Commissioners when requested.
6) If for any reason it is not possible to award the contract one or more of the tenderers invited following the conclusion of this competitive process, the contracting authority reserves the right to award the contract to the next ranked tenderer as appropriate.
Show more
7) At its absolute discretion, the contracting authority may elect to terminate this procurement process or any contract awarded.
8) Please note in relation to all documents, that where reference is made to a particular standard, make, source, process, trademark, type or patent, that this is not to be regarded as a de facto requirement. In all such cases it should be understood that such indications are to be treated strictly and solely for reference purposes only, to which the words โor equivalentโ will always be appended.
Show more
9) Without prejudice to the principle of equal treatment, the Contracting Authority is not obliged to engage in a clarification process in respect of questionnaires with missing or incomplete information. Therefore, candidates are advised to ensure that they return fully completed questionnaires in order to avoid the risk of elimination from the competition.
Show more
Complementary information
Review body
Name: The High Court
Postal address: Four Courts
Postal town: Dublin
Postal code: 7
Country: Ireland ๐ฎ๐ช
Phone: +353 18886000 ๐
Internet address: http://www.courts.ie ๐
Information about review deadlines:
The Contracting Authority will not conclude this contract to which a standstill period applies in accordance with Council Directive 2014/25/EU, until after the expiry of the standstill period which commences on the day following the date of notification on concerned candidates and tenderers. The duration of the standstill period will be 14 calendar days where notifications are sent electronically or by fax and 16 calendar days where these are sent by any other means. The statutory instrument mentioned above provides that review procedures are available in the High Court to a person who has or has had an interest in obtaining the reviewable public contract and alleges that he or she has been harmed or is at risk of being harmed by an infringement of the law in relation in this contract.
Show more
Name: Central office of the High Courts (Appeal Section)
Postal address: Ground Floor, East Wing, Inns Quay
Source: OJS 2019/S 022-048945 (2019-01-28)
Contract award notice (2020-04-23)
Object
Scope of the procurement
Short description:
Total value of the procurement: 1 000 000 EUR ๐ฐ
Notice metadata
Document type: Contract award notice
Procedure
Type of bid: Not applicable
Contracting authority
Identity
Postal address: Block 2 โ The Oval, 160 Shelbourne Road, Dublin 4
Reference
Dates
Date dispatched: 2020-04-23 ๐
Publication date: 2020-04-28 ๐
Identifiers
Notice number: 2020/S 083-197649
Refers to notice: 2019/S 022-048945
OJ-S issue: 83
Additional information
Object
Scope of the procurement
Short description:
Additional information:
Procedure
Award criteria
Quality criterion (name): Quality quantity and balance of human resources
Quality criterion (weighting): 15
Quality criterion (name): Approach and methodology
Sample projects
Quality criterion (weighting): 30
Quality criterion (name): Quality assurance
Quality criterion (weighting): 5
Quality criterion (name): Service levels
Price (weighting): 30
Award of contract
Date of contract conclusion: 2020-04-22 ๐
Name: Ernst and Young
National registration number: IE 4554695L
Postal address: Harcourt Centre, Harcourt Street
Postal town: Dublin
Country: Ireland ๐ฎ๐ช
Phone: +353 4794074 ๐
E-mail: eytendersirl@ie.ey.com ๐ง
Country: Dublin ๐๏ธ
Internet address: http://www.ey.com ๐
Total value of the procurement: 1 000 000 EUR ๐ฐ
Information about tenders
Number of tenders received: 5
Complementary information
Review body
Postal town: Dublin 7
Source: OJS 2020/S 083-197649 (2020-04-23)
Object
Scope of the procurement
Short description:
This tender process is now complete.
Driven by the ongoing development of our information security framework and business transformation programmes, EirGridโs Information Security function has established a security testing and a security risk assessments reporting regime. The aim of the reporting regime is to provide EirGrid with the following:
1) Vulnerability assessment with the associated exposures inherent within their current infrastructure;
2) Comprehensive risk analysis and recommendations, including a remediation plan;
3) Security audit, security reviews and test details, including applied methodology.
In keeping with its position in the industry EirGrid maintains a modern IT infrastructure comprising the following technologies:
โข servers: physical and virtual. Linux, Unix, Windows.
โข desktop: workstation and laptop. Windows.
โข databases: Oracle and MSQL.
โข network: routers, switches, firewalls, load balancers and gateways.
โข cloud services.
Show more
Notice metadata
Document type: Contract award notice
Procedure
Type of bid: Not applicable
Contracting authority
Identity
Postal address: Block 2 โ The Oval, 160 Shelbourne Road, Dublin 4
Reference
Dates
Date dispatched: 2020-04-23 ๐
Publication date: 2020-04-28 ๐
Identifiers
Notice number: 2020/S 083-197649
Refers to notice: 2019/S 022-048945
OJ-S issue: 83
Additional information
The estimate contract value is taking into account the contract being extended for the additional 5 years.
Object
Scope of the procurement
Short description:
This tender process is now complete.
โข servers: physical and virtual. Linux, Unix, Windows.
โข desktop: workstation and laptop. Windows.
โข databases: Oracle and MSQL.
โข network: routers, switches, firewalls, load balancers and gateways.
โข cloud services.
This tender process is complete.
EirGrid intends to establish a single supplier framework. The framework agreement period will be for an initial duration of three (3) years with the option to extend yearly for up to five (5) years, subject always to the satisfactory performance of the member.
Show more
โข provision of Cyber Security Testing Services (CSTS) across EirGridโs IT Infrastructure to ensure security, confidentiality and integrity.
โข security testing will be primarily targeted at the externally visible infrastructure but some may be required to be internal.
โข security testing may be targeted at production and pre-production environments.
โข some CSTS may require re-testing to confirm the implementation of the remediation plan.
โข each security testing will be subject to individual scoping determined by EirGrid and agreed with the successful supplier, including โrules of engagementโ such as:
โ type of security testing
โ targets
โ objectives (what can and cannot be done)
โ scope (processes, website options, infrastructure, services that are off limits)
โ progress reporting
โ entry points.
The estimate contract value is taking into account the contract being extended for the additional 5 years.
Procedure
Award criteria
Quality criterion (name): Quality quantity and balance of human resources
Quality criterion (weighting): 15
Quality criterion (name): Approach and methodology
Sample projects
Quality criterion (weighting): 30
Quality criterion (name): Quality assurance
Quality criterion (weighting): 5
Quality criterion (name): Service levels
Price (weighting): 30
Award of contract
Date of contract conclusion: 2020-04-22 ๐
Name: Ernst and Young
National registration number: IE 4554695L
Postal address: Harcourt Centre, Harcourt Street
Postal town: Dublin
Country: Ireland ๐ฎ๐ช
Phone: +353 4794074 ๐
E-mail: eytendersirl@ie.ey.com ๐ง
Country: Dublin ๐๏ธ
Internet address: http://www.ey.com ๐
Total value of the procurement: 1 000 000 EUR ๐ฐ
Information about tenders
Number of tenders received: 5
Complementary information
Review body
Postal town: Dublin 7
Source: OJS 2020/S 083-197649 (2020-04-23)
New procurements in related categories ๐
- IT services: consulting, software development, Internet and support (>20 new procurements)