Services - 104543-2019

06/03/2019    S46

Greece-Maroussi: Supporting Cybersecurity for Transport Sector Activities

2019/S 046-104543

Contract notice

Services

Legal Basis:
Directive 2014/24/EU

Section I: Contracting authority

I.1)Name and addresses
Official name: European Union Agency for Network and Information Security
Postal address: 1 Vasilissis Sofias Street
Town: Maroussi
NUTS code: EL30 Aττική
Postal code: 15124
Country: Greece
Contact person: Procurement Officer
E-mail: procurement@enisa.europa.eu
Telephone: +30 2814409711
Internet address(es):
Main address: https://www.enisa.europa.eu
I.3)Communication
The procurement documents are available for unrestricted and full direct access, free of charge, at: https://etendering.ted.europa.eu/cft/cft-display.html?cftId=4542
Additional information can be obtained from the abovementioned address
Tenders or requests to participate must be submitted electronically via: https://etendering.ted.europa.eu/cft/cft-display.html?cftId=4542
Tenders or requests to participate must be submitted to the abovementioned address
I.4)Type of the contracting authority
European institution/agency or international organisation
I.5)Main activity
Other activity: Network Information Security

Section II: Object

II.1)Scope of the procurement
II.1.1)Title:

Supporting Cybersecurity for Transport Sector Activities

Reference number: ENISA F-COD-19-T13
II.1.2)Main CPV code
73000000 Research and development services and related consultancy services
II.1.3)Type of contract
Services
II.1.4)Short description:

ENISA seeks to contract the services of a minimum of 2 and maximum of 5 service providers per lot which can provide support in the area of Cybersecurity for the Transport sector. The two main areas are: LOT 1 - Cybersecurity for the Maritime sector and LOT 2 - Cybersecurity for the RAILWAYS sector.

The successful bidders should be able to demonstrate significant experience and skills in these areas, with emphasis on the aspects dealt with in the annual ENISA Work Programme.

II.1.5)Estimated total value
Value excluding VAT: 500 000.00 EUR
II.1.6)Information about lots
This contract is divided into lots: yes
Tenders may be submitted for all lots
II.2)Description
II.2.1)Title:

Cybersecurity for the Maritime Sector

Lot No: 1
II.2.2)Additional CPV code(s)
73210000 Research consultancy services
II.2.3)Place of performance
NUTS code: EL30 Aττική
Main site or place of performance:

The services will generally be provided from the contractors own premises with the final deliverable presented to the ENISA office.

II.2.4)Description of the procurement:

We expect tenderers to have expertise and knowledge on the following topics:

1) Policy and regulatory issues related to the resilience of critical infrastructures and services as well as Maritime cybersecurity at national, European and International (e.g. IMO) level;

2) Network and information security of Maritime infrastructures and services;

3) Working with maritime sector stakeholders/organisations such as, though not limited to, ports (including port authorities, port facilities, terminals etc.), shipping companies, vessel traffic services, national maritime authorities, classification societies etc.;

4) Risk management practices/methodologies, regulations, standards, guidelines, good practices specific to the maritime sector (e.g. ISPS);

5) ICS-SCADA security issues e.g. OT security, IT/OT convergence etc.;

6) Essential service (transport sector) operations and security practices and knowledge of the regulatory framework e.g. NIS Directive, the GDPR etc.;

7) CIIP and/or Maritime security good practice guidelines and standards e.g. ENISA good practice guides, IEC 62443, ISO 27001, ISO 27002, ISO 27019, BIMCO guidelines, NERC CIP standards, ANSI/ISA 99 etc.;

8) Network and information security issues e.g. internet and web security, cryptography, testing, security management etc.;

9) Infrastructure security and resilience and CIIP issues like Public Key Infrastructures (PKI) and core protocols e.g. BGP, DNS etc.

II.2.5)Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6)Estimated value
Value excluding VAT: 250 000.00 EUR
II.2.7)Duration of the contract, framework agreement or dynamic purchasing system
Duration in months: 12
This contract is subject to renewal: yes
Description of renewals:

The ensuing Framework contract will be for an initial 12 month period, renewable on a yearly basis up to a maximum of 3 years.

II.2.10)Information about variants
Variants will be accepted: no
II.2.11)Information about options
Options: no
II.2.13)Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds: no
II.2.14)Additional information
II.2)Description
II.2.1)Title:

Cybersecurity for the Railways Sector

Lot No: 2
II.2.2)Additional CPV code(s)
73210000 Research consultancy services
II.2.3)Place of performance
NUTS code: EL30 Aττική
Main site or place of performance:

The services will generally be provided from the contractors own premises with the final deliverable presented to the ENISA office.

II.2.4)Description of the procurement:

We expect tenderers to have expertise and knowledge on the following topics:

1) Ecosystems of Rail sector namely of the operators of essential services (as described in Annex II) of the NIS Directive: railway undertakings and infrastructure managers;

2) Rail security issues e.g. OT security, IT/OT convergence, etc.;

3) Policy and regulatory issues related to the resilience of critical infrastructures and services as well as Railway cybersecurity at national and/or European level;

4) Essential service (transport sector) operations and security practices and knowledge of the regulatory framework e.g. NIS Directive, the GDPR, the EU Mobility Packages;

5) CIIP good practice guidelines and standards e.g. ENISA good practice guides, Shift2Rail activities, CEN CENELEC SC9X, ETSI TC CYBER, Directives on Safety and Interoperability for Rail etc.;

6) Network and information security of Railway infrastructures and services;

7) Policy and regulatory issues related to the resilience of critical infrastructures and services as well as Railway cybersecurity policies at national and/or European level;

8) Network and information security issues e.g. internet and web security, cryptography, testing, security management etc.;

9) Infrastructure security and resilience and CIIP issues like Public Key Infrastructures (PKI) and core protocols e.g. BGP, DNS etc.;

10) Internet operations in network and security management for large network providers and Internet Exchange Points.

II.2.5)Award criteria
Price is not the only award criterion and all criteria are stated only in the procurement documents
II.2.6)Estimated value
Value excluding VAT: 250 000.00 EUR
II.2.7)Duration of the contract, framework agreement or dynamic purchasing system
Duration in months: 12
This contract is subject to renewal: yes
Description of renewals:

The ensuing Framework contract will be for an initial 12 month period, renewable on a yearly basis up to a maximum of 3 years.

II.2.10)Information about variants
Variants will be accepted: no
II.2.11)Information about options
Options: no
II.2.13)Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds: no
II.2.14)Additional information

Section III: Legal, economic, financial and technical information

III.1)Conditions for participation
III.1.1)Suitability to pursue the professional activity, including requirements relating to enrolment on professional or trade registers
List and brief description of conditions:

As stated in the procurement documents

III.1.2)Economic and financial standing
Selection criteria as stated in the procurement documents
III.1.3)Technical and professional ability
Selection criteria as stated in the procurement documents
III.2)Conditions related to the contract
III.2.3)Information about staff responsible for the performance of the contract
Obligation to indicate the names and professional qualifications of the staff assigned to performing the contract

Section IV: Procedure

IV.1)Description
IV.1.1)Type of procedure
Open procedure
IV.1.3)Information about a framework agreement or a dynamic purchasing system
The procurement involves the establishment of a framework agreement
Framework agreement with several operators
Envisaged maximum number of participants to the framework agreement: 5
IV.1.8)Information about the Government Procurement Agreement (GPA)
The procurement is covered by the Government Procurement Agreement: no
IV.2)Administrative information
IV.2.2)Time limit for receipt of tenders or requests to participate
Date: 01/04/2019
Local time: 18:00
IV.2.3)Estimated date of dispatch of invitations to tender or to participate to selected candidates
IV.2.4)Languages in which tenders or requests to participate may be submitted:
English
IV.2.6)Minimum time frame during which the tenderer must maintain the tender
Duration in months: 3 (from the date stated for receipt of tender)
IV.2.7)Conditions for opening of tenders
Date: 02/04/2019
Local time: 10:00
Place:

ENISA Athens office, Vasilissis Sofias Street 1, 151 24 Maroussi, Attiki, GREECE.

Information about authorised persons and opening procedure:

A maximum of 1 legal representative per participating tenderer may attend the opening session. Tenderers shall inform the Agency in writing of their intention to attend by e-mail to procurement@enisa.europa.eu at least 3 working days prior to the opening session. Failing that, the contracting authority reserves the right to refuse access to its premises.

Section VI: Complementary information

VI.1)Information about recurrence
This is a recurrent procurement: no
VI.2)Information about electronic workflows
Electronic invoicing will be accepted
Electronic payment will be used
VI.3)Additional information:
VI.4)Procedures for review
VI.4.1)Review body
Official name: Court of Justice of the European Union
Postal address: boulevard Konrad Adenauer, Kirchberg
Town: Luxembourg
Postal code: 2925
Country: Luxembourg
E-mail: cfi.registry@curia.europa.eu
Telephone: +352 4303-1
Fax: +352 4303-2600
VI.4.2)Body responsible for mediation procedures
Official name: The European Ombudsman
Postal address: 1 avenue du Président Robert Schuman, PO Box 403
Town: Strasbourg
Postal code: 67001
Country: France
E-mail: eo@ombudsman.europa.eu
Telephone: +33 388172313
Fax: +33 388179062
VI.5)Date of dispatch of this notice:
22/02/2019