Gov Assure - PINS Independent Assurance Review

Descriptions

The Planning Inspectorate (PINS) wishes to procure a supplier to conduct an independent assurance review of PINS assessment of One system returns against the National Cyber Security Centre's Cyber Assessment Framework. Following PINS completing a self-assessment of One system against an appropriate government profile (baseline or enhanced) under the National Cyber Security Centre's Cyber Assessment Framework, a supplier will conduct an assessment of the department's systems in scope, assessing the completed self-assessment and provided evidence to author a final report stating whether PINS meets the assigned government profile against the systems in scope. Scope of requirement The following is included in scope for the supplier. The selected supplier will be responsible for delivering the following: Attending a planning meeting between the Supplier and The Planning Inspectorate to set out review approach, ways of working and review logistics; The completion of an Independent assessment of The Planning Inspectorate self-assessments, on WebCAF, (Web Cyber Assessment Framework) against the appropriate Government profile against the (CAF) Cyber Assessment Framework; Access to the evidence and information referenced in The Planning Inspectorate self-assessment; Holding interviews with key stakeholders (e.g. The Planning Inspectorate cyber team and system team) to help inform content of the final report; The development of a final technical report, based on the Independent Assessment of The Planning Inspectorate self-assessment on WebCAF, agreed between the supplier, The Planning Inspectorate and Government Security Group. The following is not in scope for the supplier; Providing cyber implementation services to The Planning Inspectorate self-assessments, on WebCAF; The development of the targeted improvement plan; Conducting a GovAssure review on further systems out of the scope for The Planning Inspectorate GovAssure review; To discuss or agree what CAF profile systems going through GovAssure will be measured against; To provide non-data driven decisions or speculative recommendations on what The Planning Inspectorate should do to mitigate cyber risk Please provide your written proposal using the 'proposal template' provided in Annex B, clearly setting out how you meet the evaluation criteria included in the Section 4. The proposal template includes a section for each of the criteria being evaluated. In the template, please also declare any known or perceived conflicts of interest with any employees or contractors of the Planning Inspectorate. Where to send your Written Proposal Annex B and Pricing Proposal Annex A Your written proposal and pricing proposal must be submitted to tenders@planninginspectorate.gov.uk no later than Monday 16 October 2023 - 16:00 hours. Written proposals and pricing received after this deadline will not be accepted.