npm - ccs-digitalmarketplace-frameworks - Versions diffs - 3.13.18 → 3.13.19 - Mend

ccs-digitalmarketplace-frameworks 3.13.18 → 3.13.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/frameworks/digital-outcomes-and-specialists-7/manifests/edit_service.yml CHANGED Viewed

@@ -9,6 +9,11 @@
   questions:
     - multiqTechnicalAbilityCertificates
+- name: 'Condition of participation - Cyber Essential Plus'
+  editable: False
+  questions:
+    - multiqCyberEssentialPlus
 - name: 'Q2: Award question - What services can you provide?'
   summary_page_description: >
     Disclaimer: as part of your application for Digital Outcomes and Specialists 7 the questions in this section will be assessed.

package/frameworks/digital-outcomes-and-specialists-7/manifests/edit_service_as_admin.yml CHANGED Viewed

@@ -9,6 +9,11 @@
   questions:
     - multiqTechnicalAbilityCertificates
+- name: 'Condition of participation - Cyber Essential Plus'
+  editable: False
+  questions:
+    - multiqCyberEssentialPlus
 - name: 'Q2: Award question - What services can you provide?'
   summary_page_description: >
     Disclaimer: as part of your application for Digital Outcomes and Specialists 7 the questions in this section will be assessed.

package/frameworks/digital-outcomes-and-specialists-7/manifests/edit_submission.yml CHANGED Viewed

@@ -9,6 +9,11 @@
   questions:
     - multiqTechnicalAbilityCertificates
+- name: 'Condition of participation - Cyber Essential Plus'
+  editable: True
+  questions:
+    - multiqCyberEssentialPlus
 - name: 'Q2: Award question - What services can you provide?'
   summary_page_description: >
     <p class="govuk-body">

package/frameworks/digital-outcomes-and-specialists-7/questions/services/cyberEssentialsPlusCertificate.yml ADDED Viewed

@@ -0,0 +1,38 @@
+name: Cyber Essentials Plus certificate
+question: Does your organisation (and if applicable, your consortium members) already have, or can commit to obtain prior to the commencement of the framework contract, a current and valid Cyber Essentials Plus certificate?
+question_advice: >
+    <p class="govuk-body">This question is evaluated Pass / Fail.</p>
+    <p class="govuk-body govuk-!-margin-top-3">Your tender will Fail, if you do not answer Yes to having a current and valid Cyber Essentials Plus certificate; or Yes to be working towards gaining a valid Cyber Essentials Plus certificate by the framework award date; or Yes to having an IASME certified equivalent, as you will not satisfy this condition of participation.</p>
+    <p class="govuk-body govuk-!-margin-top-3">Your tender will be disregarded. We will tell you that your tender has been disregarded and why.</p>
+    <p class="govuk-body govuk-!-margin-top-3">If you are successful, and the evidence you provide does not demonstrate to the satisfaction of the Crown Commercial Service that you meet the Cyber Essentials Plus requirement, you shall be prohibited from commencing the provision of deliverables under any call-off contract until such time as you have evidenced to the satisfaction of the Crown Commercial Service that you meet the Cyber Essentials Plus requirement.</p>
+    <p class="govuk-body govuk-!-margin-top-3">Refer to the <a class="govuk-link" href="https://www.ncsc.gov.uk/cyberessentials/overview" target="_blank" rel="noopener noreferrer">National Cyber Security Centre (NCSC) website (opens in new tab)</a> for more information.</p>
+depends:
+  - "on": lot
+    being:
+      - digital-capability-and-delivery-partner
+type: radios
+options:
+  - label: 'Yes, your organisation (and if applicable, your consortium members) has a current and valid Cyber Essentials Plus certificate which has been awarded by one of the government approved Cyber Essentials accreditation bodies within the most recent 12 months'
+    value: 'yes-valid'
+  - label: 'Yes, your organisation (and if applicable, your consortium members) is working towards gaining Cyber Essentials Plus certification, and will be in a position to confirm that you have been awarded a current and valid Cyber Essentials Plus certificate by one of the government approved accreditation bodies, by the date of framework award'
+    value: 'yes-working-towards'
+  - label: 'Your organisation (and if applicable, your consortium members) do not have a current and valid Cyber Essentials Plus certificate, or will not have in place by the date of framework award, but have an IASME certified equivalent'
+    value: 'no-but-IASME'
+  - label: 'No, your organisation (and if applicable, your consortium members) does not have, and will not have in place by the date of framework award, a current and valid Cyber Essentials Plus certificate or an IASME certified equivalent'
+    value: 'no-never'
+followup:
+  requirementsOfCyberEssentialsPlus:
+    - no-but-IASME
+  equivalentHasBeenVerified:
+    - no-but-IASME
+validations:
+  -
+    name: answer_required
+    message: You must select an option

package/frameworks/digital-outcomes-and-specialists-7/questions/services/equivalentHasBeenVerified.yml ADDED Viewed

@@ -0,0 +1,14 @@
+name: Equivalent has been verified
+question: Can you confirm that your equivalent has been verified by a technically competent and independent third party which must be a IASME registered Certification Body?
+type: boolean
+depends:
+  - "on": lot
+    being:
+      - digital-capability-and-delivery-partner
+validations:
+  -
+    name: answer_required
+    message: 'You must select an option'

package/frameworks/digital-outcomes-and-specialists-7/questions/services/multiqCyberEssentialPlus.yml ADDED Viewed

@@ -0,0 +1,14 @@
+name: Cyber Essentials Plus certificate
+question: ""
+type: multiquestion
+depends:
+  - "on": lot
+    being:
+      - digital-capability-and-delivery-partner
+questions:
+  - cyberEssentialsPlusCertificate
+  - requirementsOfCyberEssentialsPlus
+  - equivalentHasBeenVerified

package/frameworks/digital-outcomes-and-specialists-7/questions/services/requirementsOfCyberEssentialsPlus.yml ADDED Viewed

@@ -0,0 +1,22 @@
+name: Equivalent covers the requirements of Cyber Essentials Plus
+question: >
+  <p class="govuk-body">Can you confirm that your equivalent covers the requirements of Cyber Essentials Plus including:</p>
+  <ul class="govuk-list govuk-list--bullet">
+    <li>boundary firewalls and internet gateway</li>
+    <li>secure configuration </li>
+    <li>access control </li>
+    <li>malware protection </li>
+    <li>security update management</li>
+  </ul> as detailed in the document <a class="govuk-link" href="https://www.ncsc.gov.uk/files/Cyber-Essentials-Requirements-for-Infrastructure-v3-1-April-2023.pdf" target="_blank" rel="noopener noreferrer">Cyber Essentials: Requirements for IT infrastructure (opens in new tab)</a>
+type: boolean
+depends:
+  - "on": lot
+    being:
+      - digital-capability-and-delivery-partner
+validations:
+  -
+    name: answer_required
+    message: 'You must select an option'

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "ccs-digitalmarketplace-frameworks",
-  "version": "3.13.18",
+  "version": "3.13.19",
   "description": "Data files for Digital Marketplace’s procurement frameworks",
   "repository": "git@github.com:Crown-Commercial-Service/ccs-digitalmarketplace-frameworks",
   "author": "enquiries@digitalmarketplace.service.gov.uk"

package/requirements-dev.txt CHANGED Viewed

@@ -30,7 +30,7 @@ ccs-digitalmarketplace-apiclient==28.0.0
     # via
     #   -r requirements.txt
     #   ccs-digitalmarketplace-utils
-ccs-digitalmarketplace-content-loader==13.4.0
+ccs-digitalmarketplace-content-loader==13.5.0
     # via -r requirements.txt
 ccs-digitalmarketplace-utils==69.0.0
     # via
@@ -64,8 +64,8 @@ cryptography==44.0.1
     #   ccs-digitalmarketplace-utils
 deepmerge==2.0
     # via
-    #   -r requirements.txt
     #   -r requirements-dev.in
+    #   -r requirements.txt
 defusedxml==0.7.1
     # via
     #   -r requirements.txt
@@ -114,7 +114,7 @@ govuk-country-register==0.5.0
     # via
     #   -r requirements.txt
     #   ccs-digitalmarketplace-utils
-hypothesis==6.127.1
+hypothesis==6.128.2
     # via -r requirements-dev.in
 identify==2.6.8
     # via pre-commit
@@ -133,7 +133,7 @@ itsdangerous==2.2.0
     #   -r requirements.txt
     #   flask
     #   flask-wtf
-jinja2==3.1.5
+jinja2==3.1.6
     # via
     #   -r requirements.txt
     #   flask
@@ -162,7 +162,7 @@ markupsafe==2.1.5
     #   wtforms
 mccabe==0.7.0
     # via flake8
-mock==5.1.0
+mock==5.2.0
     # via -r requirements-dev.in
 nodeenv==1.9.1
     # via pre-commit
@@ -196,7 +196,7 @@ pyjwt==2.8.0
     #   notifications-python-client
 pyparsing==2.4.7
     # via packaging
-pytest==8.3.4
+pytest==8.3.5
     # via -r requirements-dev.in
 python-dateutil==2.9.0.post0
     # via
@@ -212,8 +212,8 @@ pytz==2024.1
     #   ccs-digitalmarketplace-utils
 pyyaml==6.0.2
     # via
-    #   -r requirements.txt
     #   -r requirements-dev.in
+    #   -r requirements.txt
     #   ccs-digitalmarketplace-content-loader
     #   pre-commit
 redis==5.0.7

package/requirements.in CHANGED Viewed

@@ -1,5 +1,5 @@
 docopt==0.6.2
 deepmerge==2.0
 python-json-logger==2.0.7
-ccs-digitalmarketplace-content-loader==13.4.0
+ccs-digitalmarketplace-content-loader==13.5.0
 ccs-digitalmarketplace-utils==69.0.0

package/requirements.txt CHANGED Viewed

@@ -16,7 +16,7 @@ cachelib==0.13.0
     # via flask-session
 ccs-digitalmarketplace-apiclient==28.0.0
     # via ccs-digitalmarketplace-utils
-ccs-digitalmarketplace-content-loader==13.4.0
+ccs-digitalmarketplace-content-loader==13.5.0
     # via -r requirements.in
 ccs-digitalmarketplace-utils==69.0.0
     # via
@@ -71,7 +71,7 @@ itsdangerous==2.2.0
     # via
     #   flask
     #   flask-wtf
-jinja2==3.1.5
+jinja2==3.1.6
     # via flask
 jmespath==1.0.1
     # via