Crown Prosecution Service – Provision of SOC and SIEM PINs

The CPS would like to issue a problem statement to techUK members to provide solutions for the Security Operations Centre (SOC) and Security Incident Event Management (SIEM) Requirements.

• SOC Solution Value Proposition
• Whole life costs (Cost of end-to-end solution)
• Implementation/Transition timeline
• SIEM Software the SOC supplier works with
• Innovation value proposition
• Social Value Proposition
• Sustainability (Carbon Reduction Plans)

Please find the PINs here for your reference:

Provision of Security Operations Centre Managed Service: Prior Information Notice - Find a Tender (find-tender.service.gov.uk)

Provision of Security Incident Event Management Tool - Find a Tender (find-tender.service.gov.uk)

The preferred route to market will be CCS Framework CSS3 Dynamic Purchasing System.

Please provide further information in response to the questions below by close of business 4^th September 2023. Please submit your responses to [email protected]

1. Do you offer round the clock dedicated SOC service i.e., 24/7/365.
2. Do you offer dedicated service i.e., proactively hunting for threats to our business model, eliminating false positives, following cyber best practices, deliver audit artifacts that prove compliance to regulations.
3. Is it possible for you to share your performance stats and reports from other clients you are delivering similar services to and any compliance reports on your infrastructure i.e., soc2type1 and soc2 type2.
4. Do you offer services based within UK and where else your infrastructure is based i.e., US, ASIA, etc.
5. Is it possible for you to share some in depth in sight into your technical capabilities i.e., tools used for real time monitoring, analysis tools.
6. Looking at our business requirements, do you offer services fit for our business i.e., threat management and detection, vulnerability management.
7. Do your SOC tools offer ingestion of log feeds from variety of SIEMs available and used within the industry and insight into how the integration works, i.e., require and agent to be installed, pull or push from the SIEM services.
8. Do you offer clients dashboard access into the SOC services for real time access to ongoing incidents and to meet any other reporting requirements.
9. Information on SIEM Software you work with.
10. Please provide clarity on the mandatory versus ‘nice to have’ requirements.
11. Please provide best practice contract examples and customer references.
12. Please provide information on compliance requirements (certifications etc).
13. Please provide a quote on whole life costs (Cost of end-to-end solution).
14. What is the implementation/Transition timeline?
15. Innovation value proposition?
16. Social Value Proposition?
17. Cabon Reduction Plan?
18. What management information will we have access to?