RFP QuestBeta
Awarded · ResultStage · contract

Crown Commercial Service

Provision of a Cyber Security Governance Risk & Compliance Solution

IT ServicesCPV 72000000
Value£320k
Awarded19 Oct 2025
Published13 Nov 2025
RegionLondon
Outcome — awarded

This is a contract result notice, not an open opportunity. Details from the official award data.

Contract value in context
£320ktotal contract value
median £120k
this tender£0£3.5m

This sits in the upper-middle of the IT Services band — a substantial contract for the sector. Based on 36,449 valued IT Services tenders in our corpus.

The brief

The Cabinet Office requires a Governance, Risk, and Compliance (GRC) tool to enhance its cyber risks and compliance requirements.

The tool will enable clear tracking of governance activities, risks and ensure alignment with departmental objectives.

Ultimately, this will promote more efficient and well-managed digital services across the department.

Overarching requirements: Centralised management: Must provide a single platform to record, track, and manage governance activities, risks, and compliance tasks.

While the immediate focus is on cyber risks, the ability to serve as a consolidated enterprise risk management tool is also highly valued.

Self- service reporting: Should offer dashboards and reports for up-to-date visibility for stakeholders and senior management. service reporting: Should offer dashboards and reports for up-to-date visibility for stakeholders and senior management.

Risk Assessment and Tracking: Ability to identify, assess, and monitor risks as well as controls with options for categorisation and prioritisation.

Policy and Compliance Monitoring: Support for capturing and auditing compliance with relevant policies, regulations, and standards.

Key requirements

What the supplier must deliver

01

The tool will enable clear tracking

The tool will enable clear tracking of governance activities, risks and ensure alignment with departmental objectives.

02

Centralised management: Must provide a single platform

Centralised management: Must provide a single platform to record, track, and manage governance activities, risks, and compliance tasks.

03

Self- service reporting: Should offer dashboards

Self- service reporting: Should offer dashboards and reports for up-to-date visibility for stakeholders and senior management. service reporting: Should offer dashboards and reports for up-to-date visibility for stakeholders and senior management.

04

Policy and Compliance Monitoring: Support for capturing

Policy and Compliance Monitoring: Support for capturing and auditing compliance with relevant policies, regulations, and standards.

Derived from the notice text — always confirm against the original documents.

What this bid requires

Skills, tools & certifications

Detected from the notice — the capabilities and credentials this bid calls for. Click one to see who wins that work.

Buyer intelligence

Make the case to bid

Reveal who to approach at Crown Commercial Service, and generate a go-to-market strategy from their news, accounts and people.

Source & provenance
OCID
9da76c70-7ced-42de-9d21-6ed49d5479fa
Stage
contract · Contract
Source
Contracts Finder
Buyer ref
CCIT25A23.
View the original notice on Contracts Finder

Contains public sector information licensed under the Open Government Licence v3.0. Source data © Crown copyright.

Market context

Who wins this kind of work

The suppliers and buyers around this opportunity — drawn from official award data. Drag to orbit; click a node to explore.

Top suppliers & buyers in IT Services

Scroll to explore the market network

Crown Commercial Service’s tender network

Assembling the network…

Also open now

Similar open tenders

Cyber Security Services 3 Extension Notice

The Minister for the Cabinet Office acting through Crown Commercial Service

Closes 13 Feb 2029IT Services
£800.0mValue

IT and Cyber Security Services

Procurement Assist Limited c/o Integrated Facilities Management Bolton Ltd (iFM Bolton)

Closes 31 May 2029IT Services
£75.0mValue