Procurement details: Defra Cloud Centre of Excellence - Cloud Infrastructure Engineering and M365 Administration Support

• Summary of work:

  "The Cloud Centre of Excellence in Defra manage the hosting and infrastructure for 2 Cloud providers (Amazon Web Services and Microsoft Azure) supporting over 100 digital services from those in development phase through to those in live support. As part of the Defra cloud first strategy there is a growing demand to move more services to the cloud, both existing migrations and the development of new Services, which will continue to expand the support demand from the infrastructure and hosting perspective. Defra are looking for a supplier who can fully support Production environments in the public clouds adhering to an ITIL service delivery model. In additional to the live support CCOE is looking for a supplier than can provide cloud engineering capability to deliver allocated development builds or rehosting of existing cloud workloads (alongside an inhouse team). Delivered using Agile methodology and CICD principles and aligned to existing patterns and standards the supplier would be required to develop pipelines to promote builds through development pipelines and into the target live environment. The chosen supplier will also assist us in developing best practice around active and efficient stewardship and management of environments as well as developing our existing automation through innovation. CCOE also supports utilisation of M365 product suite such as power platform, dynamics, teams, Entra ID and SharePoint, the supplier needs to take on the Management and administration of the live service including incident resolution and problem solving. Configuration engineering to support development projects and impacting and assuring evergreen changes to Defra's Microsoft 365 estate. Administration would be aligned to RBAC assigned roles in accordance with Microsoft best practice and access management and managed in line with ITIL. The chosen supplier must be able to show a track record of managing enterprise scale hosting platforms in line with full service management processes aligned to industry best practices. This includes the ability to provide 24/7 support for the services included above. On both the cloud engineering and M365 administration the supplier would be expected to work in a way that enhances and delivers innovation and automation looking to minimise manual activity and maximise the customer journey for those engaging with these services. "

• Where the supplied staff will work:

  North East England

• Where the supplied staff will work:

  North West England

• Where the supplied staff will work:

  South East England

• Where the supplied staff will work:

  South West England

• Where the supplied staff will work:

  No specific location (for example they can work remotely)

• Who the organisation using the products or services is:

  Two key areas are for Azure and AWS is primarily to support the hosting and development of new digital services for Defra and its core arms length bodies. These hosted digital services are used by internal teams, external companies, and users. The products are developed and managed by Defra. The M365 service provide Defra and its circa 30,000 employees with core Microsoft Products to fulfil everyday business requirements covering Teams, SharePoint online, exchange and Entra ID amongst others.

• Why the work is being done:

  "To support Defra's Cloud Centre of Excellence in enabling Defra Group to continue to transform its support for Digital public service delivery. Defra is looking to enhance its Cloud Engineering capabilities in order to support growth in the use of public cloud tools. This is part of Defra's 'Cloud First' strategy for digital delivery. This work will seek to align a number of existing contracts within Cloud Centre of Excellence to a single supplier to support our deliverables. Defra’s use of M365 product suite supports its ambition to move to cloud first and also maximises the tool set to around 26,000 users on the estate, enabling improved ways of working We require a supplier to be ready for onboarding no later than 1/09/2024 "

• The business problem:

  "Defra does not have the capacity in house to take on full support of all of the cloud services under the remit of the CCOE. Whilst recruitment is ongoing in CCOE it will not be possible to fully insource all elements of CCOE delivery. Defra's CCOE require a supplier to take on the support of defined elements for the CCOE delivery portfolio to work along side an inhouse team. The work will constitute of the following - direct support of the Live production tenant and will be allocated workloads through the project delivery and demand pipeline as needed to offset the capability of the inhouse team. Each work package assigned would be the sole delivery responsibility of the supplier. It would be expected that the supplier would adopt the same working practices as in the inhouse team to ensure that all services are built and maintained in a consistent manner and in accordance with the same standards and policies set by Defra. Defra will provide the overarching product and service management across the AWS, Azure and M365 product suites but work with the suppliers to identify and support innovation and automation to improve the customer journey. Live service support – Fixed Price Managed Service This should be based on the volumetrics (supplied separately), the requirement is for; - Fully managed AWS and Azure Production Environments (ITIL aligned) - Fully manged non-production AWS and Azure environments e.g. Patching, Security, cost management and monitoring (in accordance with MSFT best practice and CCOE ways of working). - Full integration with Defra’s Service Management Operating Model, Service Tooling (SNOW) and Non Function requirements (see separate document) - Provide 24/7 incident support to tier 1 services. - Support the rollout and adoption of new introduced products aligned to the Defra Product roadmap and incorporate into live service support through service transition working with service and product owners and delivery teams. Managed M365 services. Up to August 2025 the requirements will include - Fully Managed SAAS MSFT products used on the Defra estate as defined in the additional information and metrics doc. - Management and configuration of the lower development environment - Fully managed M365 Production Environments (ITIL aligned) - Full integration with Defra’s Service Management Operating Model, Service Tooling (SNOW) and Non Function requirements (see separate document) - Provide SME input into the triage of upcoming evergreen changes. - Provide SME advice and guidance to products owners, service owners on the best use and integration of the products aligned to MSFT best practice. - Provide advice and guidance to new services integrating with M365 products during the project lifecycle. - Provide 24/7 incident support to tier 1 services. - Support the rollout and adoption of new introduced MSFT products aligned to the Defra Product roadmap and incorporate into live service support through service transition working with service and product owners and delivery teams. Beyond August 2025 the transactional based activities carried out by the M365 services team in CCOE will transition to form part of the Future End User Support contract. There will be a need to support the transition which could take up to 3 months move to the onboarding supplier under that contract. CCOE may choose to insource the remaining M365 high level support, but this is dependent on several factors, therefore the supplier should bid on the expectation that the requirement will be to support the high-level account administration roles for the services and provide subject Matter expertise across the Platform for the full duration. Post Aug 2025 requirements detailed in the Further information and metrics document. Development – Outcome based capped T&M with gain share for duration of contract The CCOE supports the development of new services onboarding to CCOE cloud offerings, this is driven by the demand pipeline where new requests are prioritised and scheduled with the build team. Services are promoted through development environments into Production before they transition to Live services. The services are designed to incorporate standard Defra support patterns and tooling (foundation services) and should be reused unless agreed by prior exception. The supplier requirements are detailed in the Further Information and Metrics Document Pricing model detailed in Further Information and Metrics document "

• User type:

  External users or businesses wanting to engage Defra digital services to provide either advice and guidance (such as national flood alerting) or utilise an externally facing service specific to their business (such as cross border trade movement licenses), or an internal user wanting to build develop, support or utilise a cloud product as part of their day to day role in Defra (such as a business user or a cloud developer).

• Definition:

  "CCOE provides the cloud hosting for all digital services hosted on Amazon Web Services and Microsoft Azure public clouds. This underpins Defra’s ongoing digital transformation programme for hosting new digital services in the cloud and the transition of existing services. The users consist of Defra inhouse digital delivery teams and supplier teams delivering on behalf of them. The supplier will work closely with inhouse delivery, Product and service owners to develop and enhance the services provided The CCOE Microsoft 365 platform administration team provides platform support to enable users (+25k) and projects looking to utilise this toolset, providing Subject matter expertise on the products and services and platform level administration, including problem and incident management. The supplier will work closely with inhouse delivery, Product and Service owners to develop and enhance the services provided through the platform. Beyond August 2025 the transactional based activities carried out by the M365 services team in CCOE will transition to form part of the Future End User Support contract. There will be a need to support the 3 month transition of duties to the onboarding supplier under that contract. After August 2025 CCOE will not be supporting service support requests and incidents – this is defined as a transactional activity on the M365 platform that can be completed in line with MSFT best practice without the use of high-level privileged access accounts across the defined product list below. "

• Any pre-market engagement done:

  There was a market engagement event held on 3rd April 2024 with the top 10 suppliers from the previous procurement invite. The main aims of the event were to: • Determine whether there was sufficient data available and whether the pricing mechanism was suitable. • If this procurement is attractive to suppliers, especially SMEs • To request advice around social value There were several key questions that were asked regarding the data to understand and establish a good baseline of the requirements. There was a request for a breakdown of the severity of the incidents that were reported for each band, a breakdown of service requests to understand the complexity and if they were fulfilled by automation or manually and the number of live projects in each tier. To enable a submission for a low-risk tender, it was agreed the additional data along with a more detailed breakdown of the metrics, including the tiering details and the in and out hours would be shared in the additional documents. The supplier’s response to the question “is this procurement attractive to suppliers” was very positive. Majority of suppliers agreed that this procurement would be attractive to SME’s, however the scope of work for example 24/7 support requirement could be demanding. A suggestion was made by one supplier that larger organisations could consider using SME’s in their supply chain. The suppliers were asked if there were other Social Value themes that would be more suitable to this procurement, the current evaluation is considering focussing on: underrepresented groups, gender pay gap, apprenticeships and T-levels. The supplier’s response was positive to these themes. Two key comments were made, sustainability, climate change or wellbeing would be relevant and the power of the cloud to reduce impact on environmental sustainability should be a consideration. Other points that were discussed: What will happen at the end of the contract; there will be another contract – Future Hosting and Support contract which is due to start in October 2025, with a three-month transition period when the contract ends. Can the current team size, deliver the services that are required, the team are achieving the requirements and meeting the target response. The size of the team does not fluctuate as services grow but there is an emphasis on improving automation. There is an element of specialist skilled resources delivering infrastructure on the cloud. The ambition for CCOE is to provide an automation and self-service capability that will cover a % of the repeatable tasks, whilst the actual core of the team will focus on things that come through that are more bespoke and require one to one engagement. A question was asked about the cloud breakdown in terms of Azure and AWS and the medium to long term cloud status. The plan is to use a combination of AWS and Azure. All of the suppliers were comfortable with the timeframe for this procurement and the mobilisation period. In terms of the security clearance, prior to all new resource working on this contract will require security clearance, which takes up to four to six weeks. In the interim a waiver can be put in place, however if anyone fails the security clearance, they will not be able to work on the contract. In relation to the rate card, for managed services it will be a fixed price and for project work the proposed approach is to use capped time and material with gain share rates on a monthly breakdown across the total cost for the roles for each month. The option of using offshore resources will not be a part of this contract. To assist the submission for a low-risk tender, a request to understand the RACI metric would be helpful in terms of scope of what is being currently done. The requirements would be a good indicator of where the supplier fit’s and to understand the responsibility for an incident and seeing through to a conclusion. Information is shared in the additional documents. Majority of the suppliers were concerned that the incumbent has an advantage in this procurement. It was confirmed that an ethical wall agreement had been put into place with the incumbent supplier. The suppliers requested more information about the size and technology in the estate to help even out the playing field, this was agreed, and the information is shared in the additional documents.

• Work done so far:

  "This is currently a Live service with a demand pipeline in place, as per the above AWS and Azure host 79 live applications and have 95 currently moving through the development pipeline to Live. There is an established demand pipeline in place and established foundation service and patterns supporting the onboarding of new projects. Automation and self service is a developing area which will require further attention as this scales out. M365 services are all live and utilised but here is a portfolio demand pipeline around the adoption of new upcoming services that MSFT provide, this alongside evergreen changes provide a constant demand to the existing products."

• Which phase the project is in:

  Live

• Existing team:

  "The existing CCOE team is made up of a blend of internal staff and supplier augmentation resource. Currently the supplier augmentation consists of the following resources assigned - Demand, delivery and Service - 4 FTE AWS - 3 FTE Azure - 32 FTE M365 - 13 FTE These resources are currently split as follows across Live service support and project work - M365 - 80% live / 20% Project AWS - 80% live / 20% project Azure - 35% live / 65% Project Based on the information provided by the incumbent supplier, Defra does not expect the Transfer of Undertakings (Protection of Employment) Regulations 2006 as amended (""TUPE"") to apply if a new supplier is appointed to deliver this contract. However, Defra makes no representations or warranties in this regard and is not liable for this opinion. Bidders should carry out their own due diligence and obtain their own legal advice on the applicability of TUPE. The successful supplier will be working with internal customer teams and service delivery teams some of which contain suppliers. Defra does not expect TUPE to apply to transfer the employment of any civil servants within the internal Defra teams to the successful supplier, although bidders should carry out their own due diligence in this regard and obtain their own legal advice on the applicability of TUPE. On the basis that TUPE is not expected to apply to this contract, either in relation to employees of the incumbent supplier or the customer, no further information will be provided to bidders regarding the current personnel resourcing for this Contract. Bidders are asked to make their bids on the basis that TUPE will not apply. If, however, bidders have a contrary view to that of Defra on the applicability of TUPE, they should inform the department, giving reasons for their view, prior to the deadline for bids. For this contract Defra is seeking a managed service supplier to work as part of an extensive network of suppliers and internal teams as part of a collaborative team. Defra has also commenced on a programme to increase the number of permanent civil servants within the Cloud Centre of Excellence. The successful supplier will also be expected to work with and develop those internal staff members to enhance the internal capability. "

• Address where the work will be done:

  "Multiple Locations: Work from home Bristol - Horizon House, Deanery Road, Bristol, BS1 5AH Reading - Kings Meadow House, King’s Meadow Road, Reading, RG1 8DQ Warrington - Richard Fairclough House, Knutsford Road, Warrington, Cheshire,WA4 1HT York - Foss House, Kings Pool 1–2, Peasholme Green, York,YO1 7PX Newcastle - Lancaster House, Hampshire Court, Newcastle, Tyne & Wear, NE4 7YH"

• Working arrangements:

  "Primarily working from home/supplier office location. Working onsite in Defra offices as required on a project basis (approx. 2 days per fortnight). Occasional travel to other Defra sites may be required. Core hours (08:00 - 18:00 Mon-Fri) Extended Hours (07:00 - 19:00 Mon-Fri) Out Of Hours (24/7) Live service support for incident management and response and release activity for high priority services. Expenses will be reimbursed inline with Defra policy"

• Security and vetting requirements:

  Baseline Personnel Security Standard (BPSS)

• Security and vetting requirements:

  Security Check (SC)

• More information about the Security requirements:

  All staff will be required to have BPSS clearance as a minimum before starting. All staff will be required to be SC cleared, if not already in place, this will be sponsored by Defra once onboarded.

• Latest start date:

  1 September 2024

• Contract length:

  1 years 5 months 0 days

• Indicative maximum:

  The contract value is not specified by the buyer

• Indicative minimum:

  The contract value is not specified by the buyer

• Contracted out service or supply of resource?:

  Contracted out service: the off-payroll rules do not apply

• How many suppliers to evaluate:

  5

• Technical Competence:

  50%

• Cultural fit:

  5%

• Social values:

  10%

• Price:

  35%

• Essential skills and experience:

  25%

• Nice-to-have skills and experience:

  5%

• Technical questions:

  70%

• Description:

  1) Evidence demonstrating strong technical proficiency in full Microsoft Azure stack, including but not limited to, managing virtual machines, knowledge of Azure App Service, Azure storage services (including Data Lake storage), configuring Azure virtual networks, strong understanding of Azure AD and role-based access control (RBAC), orchestrating DataOps pipelines and automating CI / CD workflows with Azure DevopOps (within last 2 years)

• Weighting:

  10%

• Description:

  2) Evidence demonstrating strong technical proficiency in full AWS stack, including but not limited to, managing virtual machines, knowledge of Elastic Container Service, AWS storage services (including S3, RDS and DynamoDB), configuring AWS virtual networks, strong understanding of AWS IAM and access control methods, orchestrating Jenkins pipelines and automating CI / CD workflows with Jenkins

• Weighting:

  10%

• Description:

  3) Describe and provide evidence where and when you have developed, iterated and supported Cloud Platform products and services, for example; AWS, Microsoft, Azure DevOps.

• Weighting:

  10%

• Description:

  4) Evidence an example of providing configuration, administration and operation of Microsoft 365 SaaS services in an evergreen environment for an organisation of more than 25k users - Products to includes but not limited to SharePoint Online, Entra ID, Exchange Online (EOL), Power Platform and Microsoft Teams

• Weighting:

  10%

• Description:

  5) Demonstrate how you will provide the following Cloud Platform support services: Core hours (08:00 - 18:00 Mon-Fri), Extended (07:00 - 19:00 Mon-Fri) Out Of Hours (24/7) for incident management, response, release activity

• Weighting:

  10%

• Description:

  6) Detail how you scale up engineering skilled resources to meet customer demand at pace. Include numbers, type of resources, time to deploy?

• Weighting:

  10%

• Description:

  7) How will you integrate with our in-house engineering resources seamlessly, share knowledge, provide skills transfer and develop our resource's capability? Include tools/best practice/past examples

• Weighting:

  10%

• Description:

  8) Demonstrate how you will provide Agile management covering daily delivery of teams, allocating resource to agile ceremonies, respond to requirements for incident, problem resolution, service monitoring, technical requirements reviews?

• Weighting:

  10%

• Description:

  9) Demonstrate where you have delivered enhanced automation and innovation to optimise the delivery process for enabling the utilisation of cloud services (AWS/Azure/M365)

• Weighting:

  10%

• Description:

  10) Evidence of certification and compliance to industry standards for information security (e.g. Cyber Essentials+, The Defence Cyber Protection Partnership (DCPP), ISO/IEC 27000 Series, NCSC guidance / principles, etc

• Weighting:

  10%

• Description:

  1) Describe and evidence your ability to work with Cloud service providers ( Microsoft and AWS) to manage and maintain infrastructure and platform services, working collaboratively to resolve platform incidents?

• Weighting:

  34%

• Description:

  2) Provide an example of your experience of delivering within large scale deliveries with multi-faceted workstreams in the public sector?

• Weighting:

  33%

• Description:

  3) Describe and evidence your ability to demonstrate keeping your workforce up to date with current and emerging technologies and toolsets?

• Weighting:

  33%

• Question:

  1) Provide two relevant public sector case studies detailing how you have delivered the above with positive outcomes

• Weighting:

  12%

• Question:

  2) Describe the approach/ methodology you’ll take to meet Defra’s requirements. How you’ll manage the work and maintain, time, cost and quality when there are competing priorities.

• Weighting:

  11%

• Question:

  3) Describe the specific technical approach or solution you’re proposing. The capability should be demonstrated with an example showing where this has been delivered elsewhere previously.

• Weighting:

  11%

• Question:

  4) Describe the team, how they’ll work together and with others. List the number of roles, responsibilities, any relevant qualifications. Demonstrate how quickly the team can be mobilised and ramped up

• Weighting:

  11%

• Question:

  5) Describe how your proposal will optimise costs, generate savings and embed sound cloud financial management disciplines within the operation. Please give details of previous experience optimizing costs with a cloud footprint similar to Defra

• Weighting:

  11%

• Question:

  6) Describe how your proposal will deliver cloud sustainability optimisation and provide reporting thereon. Please give details of previous experience optimizing sustainability and carbon footprint for a customer similar to Defra

• Weighting:

  11%

• Question:

  7) Evidence building capability, working in partnership with incumbent staff in the delivery of a similar contract (within last 2 years)

• Weighting:

  11%

• Question:

  8) Explain any risks and dependencies identified and your proposed approaches to manage them? Set out how you will identify and mange risks and dependences throughout the life of the contract

• Weighting:

  11%

• Question:

  9) Demonstrate where you have previously applied innovation and automation to a similar delivery and describe the positive outcomes/benefits to the organisation as a result of this

• Weighting:

  11%

• Question:

  Demonstrate how you can work as a team with our organisation, alongside other suppliers in a transparent and collaborative approach, share knowledge with wider teams and build capability in Defra?

• Weighting:

  100%

• Question:

  1) Fighting Climate Change - Effective stewardship of the environment Describe the commitment your organisation will make to ensure that opportunities under the contract deliver the Policy Outcome and Model Award Criteria 4.1 Deliver additional environmental benefits in the performance of the contract including working towards net zero greenhouse gas emissions

• Weighting:

  34%

• Question:

  2) Equal Opportunity - Tackle workforce inequality Describe the commitment your organisation will make to ensure that opportunities under the contract deliver the Policy Outcome and Award Criteria MAC 6.1: Demonstrate action to identify and tackle inequality in employment, skills and pay in the contract workforce

• Weighting:

  33%

• Question:

  3) Tackling economic equality - Create new businesses, new jobs and new skills Describe the commitment your organisation will make to ensure that opportunities under the contract deliver the Policy Outcome and Award Criteria MAC2.3: Support educational attainment relevant to the contract, including training schemes that address skills gaps and result in recognised qualifications

• Weighting:

  33%

• Pricing model:

  Fixed price

• Additional assessment methods:

  Presentation

• Level:

  Not considered relevant

• Score:

  0

• Description:

  The supplier’s service offering provides no confidence that the service meets the requirements.

• Level:

  Poor and only partially relevant

• Score:

  1

• Description:

  The supplier’s service offering provides little confidence that the service meets the requirements.

• Level:

  Limited and partially relevant

• Score:

  2

• Description:

  The supplier’s service offering demonstrates some clear strengths but gives some concerns.

• Level:

  Satisfactory and relevant

• Score:

  3

• Description:

  The supplier’s service offering demonstrates degree of weakness but where the weakness does not cause fundamental concerns and is outweighed by the strengths.

• Level:

  Good and highly relevant

• Score:

  4

• Description:

  A good service offering where the strengths clearly outweigh any minor weakness(es).

• Level:

  Excellent and completely Relevant

• Score:

  5

• Description:

  A robust and fully comprehensive service offering.

• Publication of stage 1:

  24/05/2024

• Clarification period closes:

  03/06/2024 17:00

• Deadline for suppliers to submit their stage 1 responses:

  10/06/2024 17:00

Return to Defra Cloud Centre of Excellence - Cloud Infrastructure Engineering and M365 Administration Support

Help

You can contact us by email, phone or using the enquiry form .

Email:

info@crowncommercial.gov.uk

Telephone:

0345 410 2222

CCS customer services team is available Monday to Friday, 9am to 5pm.