Mobile Data Application: Briefing, Communications and Collaboration Capability

Description

Summary of the work The supply, customisation and/or configuration, and support of a solution to provide secure briefings, communication and collaboration capabilities in support of the CT Borders Operations Centre; including access portals, applications and API gateways supporting fixed and mobile end clients. Expected Contract Length Initial term: 2 years (with possible option to extend for a further 6 months). Latest start date Monday 17 May 2021 Budget Range 375,000 - 500,000 Why the Work is Being Done To deliver, enhance and support an integrated suite of Mobile & Desktop services (primarily mobile telephony and tablets devices) for CT Borders Officers to meet a business need for enhanced mobile working and improved briefings, communications and collaboration across the CT Borders Network. Problem to Be Solved CT Borders Officers are based at key port locations across the UK and Juxtaposed Controls in the EU, in addition to this core location officers further deployed to any point of entry/egress into the UK &NI. This provides challenges in managing and communicating key operational information to officers in enabling them to be deployed in the field for extended periods, regardless of it port size or location. This flexible model of working requires the ability to enable officers (or groups of officers) to be sent/or exchange Alerts, Briefings, Taskings and support further collaboration through file sharing, between control desks and deployed officers. The currently deployed devices are used primarily but not exclusively within a port environment, which in turn bring with them a range of challenges with regard to usability, connectivity and operational communications: • Internal terminal buildings, in areas such as arrivals & departure halls, air/sea pier rail heads. • Externally on airport aprons, vehicle/rail freight yards, dock yards or rail platforms. • Public roads (e.g. aid convoys). Who Are the Users CT Border Operations are responsible for managing and coordinating Counter Terrorism operations at ports and borders across the UK. They are managed via various organisational structures on National, Regional, Force, Port and Thematic patterns. To provide the officer with information to assist with the execution of their operation duties, through the ability to send/receive broadcast messages to frontline officers, groups or organisation units on a one-to-one, or one-to-many-basis. Communications & Collaboration • Structured Messaging - Alerts - Briefing - Tasking & Responses • Instant - Messaging (instant) • File sharing & integration - File sharing collaboration • Shared Services Integration (on premise) - Identity - Audit - File plan (Further context to be shared in due course) It is also imperative that the originator of the message can see who has been sent, received, read and actioned a message both as a ‘dashboard count’ and a detailed list. This ability enables them to track the level of dissemination, operational awareness and whether further comms by other means (e.g. phone or radio) is required to facilitate the objective sought. It should also be possible for a user to conduct these messaging activities from any supported mobile device or web based browser. Work Already Done The current deployed devices access the system following the NCSC Walled Garden Architectural Pattern]. The devices connect via a mobile VPN client to establish an IPSec VPN tunnel to the network infrastructure for all traffic (no split tunnels) and are secured using a Mobile Device Management Solution. Access to this platform is available from the PSN‐Policing network and from any approved device connected to local Force networks, which in turn are connected to PCN‐P. There is no internet access available directly from the device, such services are provided via the on premise platform Further context to be shared. Existing Team An existing team of Counter Terrorism Policing, Police Staff, 3rd Party Suppliers and contractor personnel. Current Phase Discovery Skills & Experience • • Evidence of how the supplier aligns with ISO standards 90003, 27001 and 9241 • Supplier to demonstrate experience of delivering projects using asimilar scope (within last 3 years) • Demonstrate extensive experience and evidence of SME's in the Mobility field • Proven experience building easy-to-use web-based / mobile applications • Skills and experience interfacing with integration layer • Proven experience conducting and documenting user research, and iterating project work accordingly • Demonstrate understanding and ability to deliver digital services/products to the Government Digital Service standards • Demonstrate a successful approach to completion of required, Penetration Testing, Service Readiness, and release reviews as part of quality and acceptance tests • Proven track record of building services with robust disaster recovery plans in place • Proven track record of building services automated testing procedures • Demonstrate knowledge of working with 3rd parties to develop standard interfaces and data exchange portals • Have availability of resources to be able to start as soon as possible • Demonstrable evidence of providing 24/7 level 3 service support • Demonstrate in depth recent understanding and experience of project delivery in policing or other such secure environment to include planning, scheduling and risk management • Demonstrable evidence of ability to run agile teams remotely and collaboratively and manage geographically dispersed teams • Demonstrate experience of delivering solutions that meet the security requirements for OFFICIAL-SENSITIVE • Confirm that you have secure email / docume exchange capabilitie (e.g EGRESS or CJSM etc.) • Demonstrate an ability to keep pace with emerging mobile technologies • Define the level of vetting and clearance within their organisation. Nice to Haves • A track record of successfully delivering the solution or services offered into Government, Law Enforcement, Military organisations, or similar secure operating environments; • Have experience of successfully transitioning projects into a live service environment within a government department, Law Enforcement, Military organisations, or similar secure operating environments within the last 12 months • Development using Open Source products • Innovative solution design and development Work Location Work can be carried out remotely but securely, also the supplier will need to attend meetings and workshops at Locations within the M25, Birmingham and by video/teleconference. Working Arrangments The Supplier will work with the existing Counter Terrorism Policing HQ and ICT Delivery teams based within the M25, and the Customer Service Centre, Birmingham. Some on-site meetings and workshops will be required within the M25, occasional travel to other CTP locations cannot be excluded. • Remote working will be the standard. Security Clearance Dependent on roles, the supplier should either have in place or be prepared to undergo: • Baseline Personnel Security Standard (BPSS), and a criminal records check; • Security Clearance(SC) & Non Police Personnel Vetting Level 2 (NPPV2); • Developed Vetting (DV) & Non Police Personnel Vetting Level 3 (NPPV3). Additional T&Cs CCS - DOS 4 Framework T&C's will apply to this tender. No. of Suppliers to Evaluate 8 Proposal Criteria • Proposed technical solution • Delivery approach and methodology • How the delivery approach will meet user needs • How the delivery approach will meet CTPHQ's goal • Technical competence: skills and experience • How risks and dependencies will be identified and managed • Approach to support and continuous service improvement • Compliance with the Authority's Statement of Requirements, Bid price and value for money (MEAT). • Full ITT criteria (following down-selection process) Cultural Fit Criteria • Explain how your proposed approach will benefit the CTPHQ and ensure successful delivery • Describe how you will work as part of an integrated team • Describe how you propose to support positive working relationships throughout the life of the contract • Explain what methods you propose to use to engage; communicate, constructively challenge and work effectively with CTPHQ • Explain how you propose to manage the boundary between modern digital ways of working and formal procedures and policies Payment Approach Fixed price Evaluation Weighting Technical competence 60% Cultural fit 5% Price 35% Questions from Suppliers 1. Whilst not precisely the same, the functionality required here bears many similarities to the recent CTPHQ ITT – Information Sharing Platform. There is the potential to achieve economies of scale by building out from that platform, reducing build costs and possibly product licensing costs. Has this been considered and if not why? CTPHQ wider Programmes and deliveries have been considered and while some similarities exist the core business requirements necessitate a separate tender exercise and delivery road map. 2. The Nice to Have questions ask about open source skills. Is it CTPHQ’s preference that the solution be built from scratch using open source technology? CTPHQ's preference is that there is an existing system that covers a substantial amount of the requirements. We appreciate some development work will be required however it is not our preference for this solution to be built from scratch. 3. How many users of the system will there be? How many “internal” CTPHQ users/admins who require full system access? How many users at the borders who requires a) full access to access all information and make changes/updates, and b) how many users who require effectively read-only access (with message send/receive)? We have defined the user population in the offering as: Current Users:• 550 Android Knox mobile devices;• 1200 CT Ports Officers.Planned Additional Users:• 150 Windows desktop clients accessing via app/portal services over the ‘on premise platform’.As for "Admins" our Customer Service Centre would provide 1st-2nd line Support, 3rd-4th Lines support would be a mix of internal and suppliers support.Regarding who or how many users requiring update / read only access. It is envisioned that this would be a manageable role based access/permissions mechanism dependant of function/capability set offered by the suppliers solution. 4. Under work that has been done for devices, you state “Further context to be shared. “. Can you share this? How? And When? Further context document to be sent on Monday 11th. 5. Is the budget specified for Discovery, or for the 24 months of delivery? Discovery, Delivery and Support. 6. Has the client software they want to use? No product has currently been selected.CTP are looking for suppliers to provide innovative solutions able to operate within the constraints of a secure 'on premise' self-hosted environment. 7. Do they have separate budget for software & its support? The specified budget range covers Discovery, Delivery and Support. 8. MDA Phase 2 Requirements Tender - DOS4 High-Level Requirements(Further Information)Following the publication of the above H-L requirements document on 05/01/21, please note the additional information set out below. Tender approachThis is a 2-stage tender approach. In effect, initial responses to the high-level requirements document will be scored and used to short-list a maximum number of 8 suppliers (Stage 1) who will then be formally invited to tender against CTP’s full Statement of Requirements and supporting tender documents (Stage 2). Payment approachIt is anticipated there will be a blended payment approach for this work, including fixed and capped time and materials. 9. Following the publication of the above H-L requirements document on 05/01/21, please note the further context/additional information for the following section: who the users are and what they need to do CT Border Operations extend beyond conventional transport hubs, with CT Policing operating across the full spectrum of potential locations where entry into/out of the UK can potentially be facilitated. CTBOC has responsibility for both inbound and outbound travel across all international modes of transport (including General Aviation and General Maritime).The CT Ports Network (CTBOC's assets) is highly flexible and therefore requires a competent technology solution to support mobile and remote CT deployments.CTBOC have articulated their requirement for the priority and sequence for the external delivery of the requirements in this work package. 10. Following the publication of the above H-L requirements document on 05/01/21, please note the further context/additional information for the following section: Any work that has already been done A mobile capability has been be deployed to CT Borders Officers across the UK&NI. This provides mobile capabilities that support their operational duties at the border, these deployed services would be enhanced by this uplift.The solution has been developed to work within the Government Security Classification (GCS) marking. The device has been developed and approved to be used at OFFICIAL / OFFICIAL SENSITIVE. Current Users:• 550 Android Knox mobile devices;• 1200 Counter Terrorism Ports Officers.Planned Additional Users:• 150 Windows desktop clients accessing via app/portal services over the ‘on premise platform’. 11. You reference in the opportunity that you are looking for an accredited solution at Official Sensitive with an innovative approach. Would you be happy to consider a Secure PSN-P Public Cloud hosted offering as an alternative to on-premise to make the most of the innovation opportunities available for this type of system. The preference is for self hosting; a secure PSN-P Cloud hosted offering would be judged on its merits, though heavily dependant on the design and level of accreditation achieved by the proposed solution. 12. In your response to Question 2 asked by a supplier, you indicate that you are looking for a pre-built solution but expect some extra development. If this is the case how are you expecting to purchase the licenses and/or IP that provide that pre-built framework and would you consider buying these a licensed software product for example, via the DAS framework. Your question is slightly ambiguous, if you are asking would we consider simply purchasing licenses for a pre-existing solution? If the offered licensed solution meets the requirements then would be considered.The preference is for a existing solution with customisation if necessary over a custom build to reduce the lead time to deployment.The contract range covers all services, solution and support required to deliver and provide a complete business as usual solution.The expectation is that all services and licensing will be procured via the DOS4 framework. 13. Are CTPHQ providing their own mobile devices or are CTPHQ expecting these to be provided by the supplier as part of this engagement. CTPHQ have their own mobile devices, the purchase, support or replacement of these devices is a CTP responsibility. 14. You indicate that the supplier is expected to provide 3rd/4th line support. At the end of the two year period are CTPHQ expecting to take on all support of the solution, and if not how will this on-going support be purchased and funded. On-going support post the 2 Year period of this work package (or 2 Year + Extension option if exercised) would be subject to a further contract. 15. One of the essentials is “Confirm that you have secure email / document exchange capabilities”. Can you confirm whether these capabilities are for use in the delivered solution of for use during the project to manage delivery? This clause is to facilitate the exchange of any materials higher than RESTRICTED during the project to manage delivery. Indicatively, but not comprehensively options such as CJSM or EGRESS accounts. 16. The guidance states “you should only provide one example for each essential requirement” but there are requirements which ask for us to “Demonstrate extensive experience” and a “Proven track record.” Should we give more than one example for questions which seem to require it? For each essential and nice-to-have criterion, we would ask suppliers to state whether their proposed solution meets the criterion and provide evidence to support their statement. Suppliers should provide the type of evidence they believe best makes the case for their solution. 17. How much thinking has already been put into the research approach? Are you looking for a steer from our bid on the most appropriate methodologies or do you already have an idea of activities you would like to run? We have undertaken user research and have a concept of operations and business requirements pack.We are looking for solutions to meet those. 18. Will you be running an alpha off the back of this work? We are looking to cover: Discovery, Delivery and Support. 19. Are there existing internal team members who we can involve in the research and how much appetite is there to build these skills in-house? As stated in the offer: An existing team of Counter Terrorism Policing, Police Staff, 3rd Party Suppliers and contractor personnel is in place to support the successful bid. 20. What are the specific outputs you are looking for from the discovery? The Discovery phases main purpose is to help gain a deeper understanding of the business needs and requirements following on from the Statement of Requirements that have been provided. 21. What user research has already taken place? We have a full Statement of Requirements that was based around the user research. 22. As a nice to have skill you ask for “experience of successfully transitioning projects into a live service environment within a government department, Law Enforcement, Military organisations, or similar secure operating environments within the last 12 months”. Does this mean that the transition to live has to have taken place in the last 12 months or that the transition can be older (say last 3 years) but the contract for the project is still running as per essential skill bullet 2. The 'nice to have' allows for a suppliers to show the currency of their product and experience. Your question answers itself when taken into account the "Essential Skills and Experience" that states the "Supplier to demonstrate experience of delivery projects using a similar scope (within the last 3 years). The 'nice to have' is within 12 months.