npm - ccs-digitalmarketplace-frameworks - Versions diffs - 5.0.3 → 5.1.1 - Mend

ccs-digitalmarketplace-frameworks 5.0.3 → 5.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

package/frameworks/g-cloud-15/manifests/edit_additional_lot_questions.yml CHANGED Viewed

@@ -1,36 +1,39 @@
 -
-  name: "Section A - Understanding Quality Requirements"
-  slug: understanding-quality-requirements
+  name: "Selection questions"
+  slug: selection-questions
   editable: True
-  description: |
-    The purpose of this section is to confirm that suppliers understand the concept of Quality Requirements and its relevance and importance to the G-Cloud 15 Framework.
-    The following questions are PASS/FAIL. If you respond ‘No’ to any of these questions, your Framework Tender Response will be disqualified. Please refer to Attachment 2.
   questions:
-    - understandCCSBuyersEvaluateQualityReq
-    - understandCCSEvaluateQualityResponse
-    - understandBuyerIncludeQualityRequirement
-    - understandObligationToMeetQualityReq
+    - multiqSelectionQuestions1a
+    - multiqSelectionQuestions1b
 -
-  name: "Section B - Commitment for Future: Delivery"
-  slug: commitment-for-future
+  name: "Award criteria for Lots 2a and 2b"
+  slug: award-criteria-2a-and-2b
   editable: True
   description: |
-    The purpose of this section is to assess Suppliers’ commitment to delivering quality requirements, including specific actions they plan to take.
+    CCS requires you to confirm your understanding of providing user support and asset protection for SaaS services is essential for successful delivery..
-    Quality requirements of Project Management, Continuous Improvement, Innovation and Account Management are considered relevant to G-Cloud 15 Framework Lots 2a, 2b and 3.
+    In order to satisfy the award criteria, you must fully address each of the sub-criteria
+    Please select the processes that you will have in place to effectively provide user support, using email or ticketing support, phone support or web chat support, and asset Protection by confirming where service user data is processed and stored, frequency of penetration testing and your data sanitisation process (in accordance with the Service Questions that will be published on the Digital Marketplace)
   questions:
-    - commitmentForFuture
+    - multiqHowYouWillProvideUserSupportCloudSoftware
+    - multiqHowYouWillProvideAssetProtection
+    - multiqWhatFrequencyWillPenTestingBeConducted
+    - multiqHowYouWillProvideSataSanitisation
 -
-  name: "Section C - Organisational Readiness"
-  slug: organisational-readiness
+  name: "Award criteria for Lot 3"
+  slug: award-criteria-3
   editable: True
   description: |
-    Suppliers who are awarded a Contract under this Framework will be required to appoint a Supplier's Contract Manager to oversee the operation of the Call-Off Contract, and ensuring Project Management and/or Continuous Improvement and/or Innovation and/or Account Management commitments are delivered. For the purpose of this Framework, the Supplier's Contract Manager will be responsible for ensuring the correct processes and systems are in place for delivery of your Project Management and/or Continuous Improvement and/or Innovation and/or Account Management commitments.
-    The Supplier's Contract Manager role may vary between organisations, the role is the person identified in the Order Form appointed by the Supplier and any alternative person whom the Supplier intends to appoint to the role, provided that the Supplier informs the Buyer prior to the appointment.  For this reason, shared mailboxes are acceptable and an individual’s contact name is still required.
+    CCS requires you to confirm your understanding of providing user support, staff security and cyber security certification for Cloud Support services is essential for successful delivery
+    In order to satisfy the award criteria, you must fully address each of the sub-criteria
+    Please select the processes that you will have in place to effectively provide user support, using email or ticketing support, phone support or web chat support, and staff security by confirming how staff security checks are performed, and what level of security checks will be performed, and confirming your approach to cyber security certification, (in accordance with the Service Questions that will be published on the Digital Marketplace)
   questions:
-      - supplierContractManagerCommitment
-      - multiqSupplierContractManagerContact
+    - multiqHowYouWillProvideUserSupportCloudSupport
+    - multiqHowDoYouManageStaffSecurityClearanceChecks
+    - multiqWhatLevelOfSecurityClearance
+    - multiqHaveInPlaceCyberEssentials

package/frameworks/g-cloud-15/questions/additional-lot-questions/areYouAReseller1a.yml ADDED Viewed

@@ -0,0 +1,29 @@
+id: areYouAReseller
+name: Are you are bidding to offer IaaS and/or PaaS as a reseller or are you in sole control of the infrastructure
+question: >
+  The specification for this Lot requires that the Supplier is in sole control of the infrastructure that underlies its Services or can evidence that they are an accredited reseller of such infrastructure.
+  Confirm whether you are bidding to offer IaaS and/or PaaS as a reseller
+question_advice: >
+  If you will offer both proprietary and resold services as part of your core IaaS and PaaS offering, select ‘Reseller’.
+  If you may use another’s service resold if it is ancillary to the core IaaS or PaaS service, but will provide the core IaaS or PaaS services entirely without reselling in the normal operation of your services, select ‘Sole Control’.
+followup:
+  iso9001certificationURL:
+    - reseller
+    - sole-control
+  areYouReliantForSomeAccreditations:
+    - reseller
+    - sole-control
+type: radios
+options:
+  - label: Reseller
+    value: reseller
+  - label: Sole Control of the Infrastructure
+    value: sole-control
+validations:
+  - name: answer_required
+    message:  You must select if you have in place processes to provide user support

package/frameworks/g-cloud-15/questions/additional-lot-questions/areYouAReseller1b.yml ADDED Viewed

@@ -0,0 +1,32 @@
+id: areYouAReseller
+name: Are you are bidding to offer IaaS and/or PaaS as a reseller or are you in sole control of the infrastructure
+question: >
+  The specification for this Lot requires that the Supplier is in sole control of the infrastructure that underlies its Services or can evidence that they are an accredited reseller of such infrastructure.
+  Confirm whether you are bidding to offer IaaS and/or PaaS as a reseller
+question_advice: >
+  If you will offer both proprietary and resold services as part of your core IaaS and PaaS offering, select ‘Reseller’.
+  If you may use another’s service resold if it is ancillary to the core IaaS or PaaS service, but will provide the core IaaS or PaaS services entirely without reselling in the normal operation of your services, select ‘Sole Control’.
+followup:
+  iso9001certificationURL:
+    - reseller
+    - sole-control
+  areYouReliantForSomeAccreditations:
+    - reseller
+    - sole-control
+  iso27018certificationURL:
+    - reseller
+    - sole-control
+type: radios
+options:
+  - label: Reseller
+    value: reseller
+  - label: Sole Control of the Infrastructure
+    value: sole-control
+validations:
+  - name: answer_required
+    message:  You must select if you have in place processes to provide user support

package/frameworks/g-cloud-15/questions/additional-lot-questions/areYouReliantForSomeAccreditations.yml ADDED Viewed

@@ -0,0 +1,19 @@
+name: Are you reliant on the Cloud Service Provider for some accreditations
+question: Are you reliant on the Cloud Service Provider for some accreditations required by the specification for this Lot, such as cloud security related ISOs?
+question_advice: This means that because the services will be resold in their entirety, the service may be accredited in the original supplier’s name, but you will not need to hold that accreditation directly
+type: boolean
+hidden: true
+followup:
+  iso14001certificationURL:
+    - true
+  iso27001certificationURL:
+    - true
+  iso27017certificationURL:
+    - true
+validations:
+  - name: answer_required
+    message: You must select an option

package/frameworks/g-cloud-15/questions/additional-lot-questions/haveInPlaceCyberEssentialsCertification.yml ADDED Viewed

@@ -0,0 +1,9 @@
+name: Are you prepared to have in place Cyber Essentials certification?
+question: Are you prepared to have in place Cyber Essentials (or equivalent or higher) certification should a Buyer require it?
+type: boolean
+validations:
+  - name: answer_required
+    message: You must select if you are you prepared to have in place Cyber Essentials certification

package/frameworks/g-cloud-15/questions/additional-lot-questions/haveInPlaceProcessesToProvideUserSupportCloudSoftware.yml ADDED Viewed

@@ -0,0 +1,13 @@
+name: Have in place processes to provide user support
+question: Will your organisation have in place processes to provide user support for the SaaS services in lots 2a and lot 2b?
+followup:
+  whenIsUserSupportAvailable:
+    - true
+type: boolean
+validations:
+  - name: answer_required
+    message:  You must select if you have in place processes to provide user support

package/frameworks/g-cloud-15/questions/additional-lot-questions/haveInPlaceProcessesToProvideUserSupportCloudSupport.yml ADDED Viewed

@@ -0,0 +1,13 @@
+name: Have in place processes to provide user support
+question: Will your organisation have in place processes to provide user support for the Cloud Support services in lot 3?
+followup:
+  whenIsUserSupportAvailable:
+    - true
+type: boolean
+validations:
+  - name: answer_required
+    message:  You must select if you have in place processes to provide user support

package/frameworks/g-cloud-15/questions/additional-lot-questions/haveIndustryStandardDataSanitisationProcess.yml ADDED Viewed

@@ -0,0 +1,9 @@
+name: Do you have a industry standard data sanitisation process?
+question: Do you have a industry standard data sanitisation process, such as explicit overwriting of storage before reallocation / Secure Erase, degaussing, or physical destruction / hardware containing data is completely destroyed?
+type: boolean
+validations:
+  - name: answer_required
+    message: You must select if you have a industry standard data sanitisation process

package/frameworks/g-cloud-15/questions/additional-lot-questions/howAreStaffSecurityChecksPerformed.yml ADDED Viewed

@@ -0,0 +1,15 @@
+name: How are staff security checks performed?
+question: How are staff security checks performed?
+hidden: true
+type: radios
+options:
+  - label: Staff screening performed which conforms to BS7858:2019
+    value: conforms-to-bs
+  - label: Staff screening performed but doesn’t conform with BS7858:2019
+    value: does-not-conform-to-bs
+validations:
+  - name: answer_required
+    message: You must select how are staff security checks performed

package/frameworks/g-cloud-15/questions/additional-lot-questions/howOftenWillPenTestingBeConducted.yml ADDED Viewed

@@ -0,0 +1,14 @@
+name: How often will penetration testing be conducted on the SaaS service?
+question: How often will penetration testing be conducted on the SaaS service?
+hidden: true
+type: radios
+options:
+  - label: At least every 6 months
+  - label: At least once a year
+  - label: Less than once a year
+validations:
+  - name: answer_required
+    message: You must select how often will penetration testing be conducted

package/frameworks/g-cloud-15/questions/additional-lot-questions/iso14001certificationURL.yml ADDED Viewed

@@ -0,0 +1,23 @@
+name: ISO 14001 certification
+question: Provide your ISO 14001 certification
+hint: This file must be in an open document format and have a maximum file size of 5MB
+type: upload
+hidden: true
+file_settings:
+  name: iso-14001-certification
+  max_size: 5
+  file_types:
+    - open_document
+validations:
+  - name: answer_required
+    message: You must upload your ISO 14001 certification
+  - name: file_is_valid_format
+    message: The file must be in an open format. Select an Open Document Format (ODF) or PDF/A (eg .pdf, .odt).
+  - name: file_is_less_than_5mb
+    message: The file must be smaller than 5MB.
+  - name: file_can_be_saved
+    message: The selected file could not be uploaded - try again.

package/frameworks/g-cloud-15/questions/additional-lot-questions/iso27001certificationURL.yml ADDED Viewed

@@ -0,0 +1,23 @@
+name: ISO 27001 certification
+question: Provide your ISO 27001 certification
+hint: This file must be in an open document format and have a maximum file size of 5MB
+type: upload
+hidden: true
+file_settings:
+  name: iso-27001-certification
+  max_size: 5
+  file_types:
+    - open_document
+validations:
+  - name: answer_required
+    message: You must upload your ISO 27001 certification
+  - name: file_is_valid_format
+    message: The file must be in an open format. Select an Open Document Format (ODF) or PDF/A (eg .pdf, .odt).
+  - name: file_is_less_than_5mb
+    message: The file must be smaller than 5MB.
+  - name: file_can_be_saved
+    message: The selected file could not be uploaded - try again.

package/frameworks/g-cloud-15/questions/additional-lot-questions/iso27017certificationURL.yml ADDED Viewed

@@ -0,0 +1,23 @@
+name: ISO 27017 certification
+question: Provide your ISO 27017 certification
+hint: This file must be in an open document format and have a maximum file size of 5MB
+type: upload
+hidden: true
+file_settings:
+  name: iso-27017-certification
+  max_size: 5
+  file_types:
+    - open_document
+validations:
+  - name: answer_required
+    message: You must upload your ISO 27017 certification
+  - name: file_is_valid_format
+    message: The file must be in an open format. Select an Open Document Format (ODF) or PDF/A (eg .pdf, .odt).
+  - name: file_is_less_than_5mb
+    message: The file must be smaller than 5MB.
+  - name: file_can_be_saved
+    message: The selected file could not be uploaded - try again.

package/frameworks/g-cloud-15/questions/additional-lot-questions/iso27018certificationURL.yml ADDED Viewed

@@ -0,0 +1,23 @@
+name: ISO 27018 certification
+question: Provide your ISO 27018 certification
+hint: This file must be in an open document format and have a maximum file size of 5MB
+type: upload
+hidden: true
+file_settings:
+  name: iso-27018-certification
+  max_size: 5
+  file_types:
+    - open_document
+validations:
+  - name: answer_required
+    message: You must upload your ISO 27018 certification
+  - name: file_is_valid_format
+    message: The file must be in an open format. Select an Open Document Format (ODF) or PDF/A (eg .pdf, .odt).
+  - name: file_is_less_than_5mb
+    message: The file must be smaller than 5MB.
+  - name: file_can_be_saved
+    message: The selected file could not be uploaded - try again.

package/frameworks/g-cloud-15/questions/additional-lot-questions/iso9001certificationURL.yml ADDED Viewed

@@ -0,0 +1,23 @@
+name: ISO 9001 certification
+question: Provide your ISO 9001 certification
+hint: This file must be in an open document format and have a maximum file size of 5MB
+type: upload
+hidden: true
+file_settings:
+  name: iso-9001-certification
+  max_size: 5
+  file_types:
+    - open_document
+validations:
+  - name: answer_required
+    message: You must upload your ISO 9001 certification
+  - name: file_is_valid_format
+    message: The file must be in an open format. Select an Open Document Format (ODF) or PDF/A (eg .pdf, .odt).
+  - name: file_is_less_than_5mb
+    message: The file must be smaller than 5MB.
+  - name: file_can_be_saved
+    message: The selected file could not be uploaded - try again.

package/frameworks/g-cloud-15/questions/additional-lot-questions/knowTheLocations.yml ADDED Viewed

@@ -0,0 +1,13 @@
+name: Know the location where the service user data is stored and processed
+question: Will your organisation know the location where the service user data is stored and processed?
+followup:
+  whereIsDataStoredAndProcessed:
+    - true
+type: boolean
+validations:
+  - name: answer_required
+    message:  You must select if you know the location where the service user data is stored and processed

package/frameworks/g-cloud-15/questions/additional-lot-questions/makeSureStaffHaveSecurityClearance.yml ADDED Viewed

@@ -0,0 +1,13 @@
+name: Are you prepared to make sure your staff have staff security clearance
+question: Are you prepared to make sure your staff have staff security clearance if required by the Buyer?
+followup:
+  whatLevelOfStaffSecurityClearance:
+    - true
+type: boolean
+validations:
+  - name: answer_required
+    message: You must select if you are prepared to make sure your staff have staff security clearance

package/frameworks/g-cloud-15/questions/additional-lot-questions/multiqHaveInPlaceCyberEssentials.yml ADDED Viewed

@@ -0,0 +1,13 @@
+name: Are you prepared to have in place Cyber Essentials
+question: If the Buyer requires it are you prepared to have in place Cyber Essentials (or equivalent or higher) certification for your Cloud Support services delivered in lots 3
+question_advice: >
+  Your response must confirm that if a Buyer requires it you will have in place Cyber Essentials (or equivalent or higher) certification for your Cloud Support services, by confirming that you are prepared to have Cyber Essentials (or equivalent or higher) certification in place, in accordance with the Service Questions in the Standards and Certifications section on the Digital Marketplace
+depends:
+  - "on": route
+    being:
+      - cloud-support
+type: multiquestion
+questions:
+  - haveInPlaceCyberEssentialsCertification

package/frameworks/g-cloud-15/questions/additional-lot-questions/multiqHowDoYouManageStaffSecurityClearanceChecks.yml ADDED Viewed

@@ -0,0 +1,14 @@
+name: How do you manage staff security clearance checks
+question: How do you manage staff security clearance checks for staff with access to information or connected to the delivery of your Cloud Support services in lot 3
+question_advice: >
+  Your response must confirm the staff security clearance checks that you will have in place for your Cloud Support services, by confirming whether staff security clearance checks are performed, in accordance with the Service Questions in the Staff Security section on the Digital Marketplace
+depends:
+  - "on": route
+    being:
+      - cloud-support
+type: multiquestion
+questions:
+  - willYourOrgPerformSecurityChecks
+  - howAreStaffSecurityChecksPerformed

package/frameworks/g-cloud-15/questions/additional-lot-questions/multiqHowYouWillProvideAssetProtection.yml ADDED Viewed

@@ -0,0 +1,14 @@
+name: How you will provide asset protection
+question: How you will provide asset protection for your SaaS services delivered in lots 2a and 2b
+question_advice: >
+  Your response must confirm the asset protection that you will have in place for your SaaS services, by confirming data storage and processing locations, in accordance with the Service Questions in the Asset Protection section on the Digital Marketplace
+depends:
+  - "on": route
+    being:
+      - cloud-software
+type: multiquestion
+questions:
+  - knowTheLocations
+  - whereIsDataStoredAndProcessed

package/frameworks/g-cloud-15/questions/additional-lot-questions/multiqHowYouWillProvideSataSanitisation.yml ADDED Viewed

@@ -0,0 +1,13 @@
+name: How you will provide data sanitisation
+question: How you will provide data sanitisation for your SaaS services delivered in lots 2a and 2b
+question_advice: >
+  Your response must confirm that you will have data sanitisation processes in place for your SaaS services, by confirming if you will have industry standard data sanitisation processes such as explicit overwriting of storage before reallocation / Secure Erase, degaussing, or physical destruction / hardware containing data is completely destroyed, in accordance with the Service Questions in the Asset Protection section on the Digital Marketplace
+depends:
+  - "on": route
+    being:
+      - cloud-software
+type: multiquestion
+questions:
+  - haveIndustryStandardDataSanitisationProcess

package/frameworks/g-cloud-15/questions/additional-lot-questions/multiqHowYouWillProvideUserSupportCloudSoftware.yml ADDED Viewed

@@ -0,0 +1,14 @@
+name: How you will provide user support
+question: How you will provide user support for your SaaS services delivered in lots 2a and 2b
+question_advice: >
+  Your response must confirm the availability of the user support that you will have in place to effectively provide User Support for your SaaS services, using processes such as Email/ticketing support, Phone support or Web chat support, in accordance with the Service Questions in the User Support section on the Digital Marketplace
+depends:
+  - "on": route
+    being:
+      - cloud-software
+type: multiquestion
+questions:
+  - haveInPlaceProcessesToProvideUserSupportCloudSoftware
+  - whenIsUserSupportAvailable

package/frameworks/g-cloud-15/questions/additional-lot-questions/multiqHowYouWillProvideUserSupportCloudSupport.yml ADDED Viewed

@@ -0,0 +1,14 @@
+name: How you will provide user support
+question: How you will provide user support for your Cloud Support services delivered in lot 3
+question_advice: >
+  Your response must confirm the availability of the user support that you will have in place to effectively provide User Support for your Cloud Support services, using processes such as Email/ticketing support, Phone support or Web chat support, in accordance with the Service Questions in the User Support section on the Digital Marketplace
+depends:
+  - "on": route
+    being:
+      - cloud-support
+type: multiquestion
+questions:
+  - haveInPlaceProcessesToProvideUserSupportCloudSupport
+  - whenIsUserSupportAvailable

package/frameworks/g-cloud-15/questions/additional-lot-questions/multiqSelectionQuestions1a.yml ADDED Viewed

@@ -0,0 +1,16 @@
+name: Are you a reseller?
+question: Are you a reseller?
+depends:
+  - "on": route
+    being:
+      - iaas-and-paas
+type: multiquestion
+questions:
+  - areYouAReseller1a
+  - iso9001certificationURL
+  - areYouReliantForSomeAccreditations
+  - iso14001certificationURL
+  - iso27001certificationURL
+  - iso27017certificationURL

package/frameworks/g-cloud-15/questions/additional-lot-questions/multiqSelectionQuestions1b.yml ADDED Viewed

@@ -0,0 +1,17 @@
+name: Are you a reseller?
+question: Are you a reseller?
+depends:
+  - "on": route
+    being:
+      - iaas-and-paas-above-official
+type: multiquestion
+questions:
+  - areYouAReseller1b
+  - iso9001certificationURL
+  - areYouReliantForSomeAccreditations
+  - iso14001certificationURL
+  - iso27001certificationURL
+  - iso27017certificationURL
+  - iso27018certificationURL

package/frameworks/g-cloud-15/questions/additional-lot-questions/multiqWhatFrequencyWillPenTestingBeConducted.yml ADDED Viewed

@@ -0,0 +1,14 @@
+name: What frequency will penetration testing be conducted
+question: At what frequency will penetration testing be conducted for the SaaS services delivered in lots 2a and 2b
+question_advice: >
+  Your response must confirm the penetration testing frequency that will be applied to the SaaS services, by confirming how often penetration testing occurs, in accordance with the Service Questions in the Asset Protection section on the Digital Marketplace
+depends:
+  - "on": route
+    being:
+      - cloud-software
+type: multiquestion
+questions:
+  - willPenTestingBeConducted
+  - howOftenWillPenTestingBeConducted

package/frameworks/g-cloud-15/questions/additional-lot-questions/multiqWhatLevelOfSecurityClearance.yml ADDED Viewed

@@ -0,0 +1,14 @@
+name: What level of security clearance are you prepared to implement
+question: If the Buyer requires it, what level of security clearance are you prepared to implement to make sure your staff have for the Cloud Support services delivered in lot 3
+question_advice: >
+  Your response must confirm the maximum level of staff security clearance that you are prepared to have in place for your Cloud Support services, by confirming the level of staff security clearance that you are prepared to have in place, in accordance with the Service Questions in the Staff Security section on the Digital Marketplace
+depends:
+  - "on": route
+    being:
+      - cloud-support
+type: multiquestion
+questions:
+  - makeSureStaffHaveSecurityClearance
+  - whatLevelOfStaffSecurityClearance

package/frameworks/g-cloud-15/questions/additional-lot-questions/whatLevelOfStaffSecurityClearance.yml ADDED Viewed

@@ -0,0 +1,17 @@
+name: What level of staff security clearance are you prepared to have in place should a Buyer require it?
+question: What level of staff security clearance are you prepared to have in place should a Buyer require it?
+hidden: true
+type: radios
+options:
+  - label: Up to Developed Vetting (DV)
+    value: dv
+  - label: Up to Security Clearance (SC)
+    value: sc
+  - label: Up to Baseline Personnel Security Standard (BPSS)
+    value: bpss
+validations:
+  - name: answer_required
+    message: You must select what level of staff security clearance are you prepared to have in place

package/frameworks/g-cloud-15/questions/additional-lot-questions/whenIsUserSupportAvailable.yml ADDED Viewed

@@ -0,0 +1,14 @@
+name: When is user support available?
+question: When is user support available?
+hidden: true
+type: radios
+options:
+  - label: 24 hours, 7 days a week
+  - label: 9 to 5 (UK time), 7 days a week
+  - label: 9 to 5 (UK time), Monday to Friday
+validations:
+  - name: answer_required
+    message:  You must select when is user support is available

package/frameworks/g-cloud-15/questions/additional-lot-questions/whereIsDataStoredAndProcessed.yml ADDED Viewed

@@ -0,0 +1,14 @@
+name: Where is service user data stored and processed?
+question: Where is service user data stored and processed?
+hidden: true
+type: checkboxes
+options:
+  - label: United Kingdom
+  - label: European Economic Area (EEA)
+  - label: Other
+validations:
+  - name: answer_required
+    message:  You must select where is service user data stored and processed

package/frameworks/g-cloud-15/questions/additional-lot-questions/willPenTestingBeConducted.yml ADDED Viewed

@@ -0,0 +1,13 @@
+name: Will penetration testing be conducted?
+question: Will penetration testing be conducted on the SaaS service?
+followup:
+  howOftenWillPenTestingBeConducted:
+    - true
+type: boolean
+validations:
+  - name: answer_required
+    message: You must select if you will penetration testing be conducted

package/frameworks/g-cloud-15/questions/additional-lot-questions/willYourOrgPerformSecurityChecks.yml ADDED Viewed

@@ -0,0 +1,13 @@
+name: Will your organisation perform staff security clearance checks
+question: Will your organisation perform staff security clearance checks for staff with access to information or connected to the delivery of your Cloud Support services?
+followup:
+  howAreStaffSecurityChecksPerformed:
+    - true
+type: boolean
+validations:
+  - name: answer_required
+    message: You must select if you will your organisation perform staff security clearance checks

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "ccs-digitalmarketplace-frameworks",
-  "version": "5.0.3",
+  "version": "5.1.1",
   "description": "Data files for Digital Marketplace’s procurement frameworks",
   "repository": {
     "type": "git",

package/frameworks/g-cloud-15/questions/additional-lot-questions/commitmentForFuture.yml DELETED Viewed

@@ -1,51 +0,0 @@
-name: Capabilities you can mobilise
-question: Which of the following capabilities will you be able to mobilise when a call-off contract goes live?
-question_advice: You must select at least one to qualify as a supplier
-hint: Selecting multiple options does not equate to a higher score
-depends:
-  - "on": "route"
-    being:
-      - isaas
-      - saas
-      - cloud-support
-type: checkbox_tree
-item_name:
-  singular: capability
-  plural: capabilities
-options:
-  - label: Project Management
-    options:
-    - label: Project Manager (s) with maintained qualification of Prince2 Practitioner
-    - label: Project Manager (s) with maintained qualification from the Association for Project Managers
-    - label: Project Manager (s) with maintained qualification from the Project Management Institution (e.g. Project Management Professional (PMP) or Certified Associate in Project Management (CAPM))
-    - label: Capability with Waterfall methodology
-    - label: Capability with Agile methodology
-    - label: Capability with Scrum methodology
-    - label: Capability with Lean methodology
-    - label: Capability with Extreme Programming (XP) methodology
-    - label: Capability with PRINCE2 methodology
-  - label: Continuous Improvement and Innovation
-    options:
-    - label: Customer Feedback for Service Improvement. Defined process for systematically gathering and reviewing customer feedback specifically for the purpose of improving products and/or services
-    - label: Communication of Product/Service Enhancements. Proactively communicating significant service updates, new feature releases, or relevant roadmap information
-    - label: Value Stream Mapping - identify the flow of data and information to target areas for improvement
-    - label: PDCA (Plan-Do-Check-Act) - plan improvement, implement changes, check results, and act based on the outcomes
-    - label: Lessons Learnt - post contract/project review to learn from successes and failures
-    - label: Continuous Monitoring - Continual critical observation of service delivery to detect potential issues and proactively address them
-    - label: Benchmarking
-  - label: Account Management
-    options:
-    - label: Contract Management reviews
-    - label: Service Level Agreement (SLA)
-    - label: Key Performance Indicators (KPI's)
-    - label: Escalation Process
-    - label: Multi-channel customer service - phone and/or email and/or webchat
-    - label: Performance Review Meetings
-    - label: Customer Satisfaction Surveys
-validations:
-  - name: answer_required
-    message: You must select an option

package/frameworks/g-cloud-15/questions/additional-lot-questions/multiqSupplierContractManagerContact.yml DELETED Viewed

@@ -1,18 +0,0 @@
-name: "Supplier Contract Manager Contact"
-question: "Provide contact details for the individual who will be your Supplier's Contract Manager."
-question_advice: If you are unable to state who this may be, enter the details of the person who would be ultimately responsible for delivery of any Contract, or for the relationship with CCS.
-depends:
-  - "on": "route"
-    being:
-      - isaas
-      - saas
-      - cloud-support
-type: multiquestion
-questions:
-  - supplierContractManagerContactName
-  - supplierContractManagerContactJobTitle
-  - supplierContractManagerContactEmail

package/frameworks/g-cloud-15/questions/additional-lot-questions/supplierContractManagerCommitment.yml DELETED Viewed

@@ -1,28 +0,0 @@
-name: Supplier's Contract Manager
-question: Please commit here to having a Supplier's Contract Manager in the organisation to be responsible for delivery of your Project Management and/or Continuous Improvement and/or Innovation and/or Account Management commitment.
-question_advice: If you do not and will not have a Supplier's Contract Manager, and you are not willing to nominate someone to this role, you may state this here, and your Framework Tender Response will be disqualified.
-depends:
-  - "on": "route"
-    being:
-      - isaas
-      - saas
-      - cloud-support
-type: radios
-required_value: "will_have_contract_manager"
-options:
-  -
-    label: We WILL have a Supplier's Contract Manager in the organisation
-    value: "will_have_contract_manager"
-  -
-    label: We will NOT have a Supplier's Contract Manager in the organisation
-    value: "will_not_contract_manager"
-validations:
-  -
-    name: not_required_value
-    message: You must confirm you will have a Supplier's Contract Manager in the organisation.
-  -
-    name: answer_required
-    message: You must confirm you will have a Supplier's Contract Manager in the organisation.

package/frameworks/g-cloud-15/questions/additional-lot-questions/supplierContractManagerContactEmail.yml DELETED Viewed

@@ -1,12 +0,0 @@
-name: Email
-question: Email
-type: text
-limits:
-  format: email
-validations:
-  -
-    name: answer_required
-    message: "You must enter a valid email"
-  - name: invalid_format
-    message: "You must enter a valid email"

package/frameworks/g-cloud-15/questions/additional-lot-questions/supplierContractManagerContactJobTitle.yml DELETED Viewed

@@ -1,10 +0,0 @@
-name: Job title
-question: Job title
-type: text
-max_length_in_characters: 200
-validations:
-  - name: answer_required
-    message: "You must provide a job title with a maximum of 200 characters"
-  - name: under_character_limit
-    message: "You must provide a job title with a maximum of 200 characters"

package/frameworks/g-cloud-15/questions/additional-lot-questions/supplierContractManagerContactName.yml DELETED Viewed

@@ -1,10 +0,0 @@
-name: Name
-question: Name
-type: text
-max_length_in_characters: 200
-validations:
-  - name: answer_required
-    message: "You must provide a name with a maximum of 200 characters"
-  - name: under_character_limit
-    message: "You must provide a name with a maximum of 200 characters"

package/frameworks/g-cloud-15/questions/additional-lot-questions/understandBuyerIncludeQualityRequirement.yml DELETED Viewed

@@ -1,20 +0,0 @@
-name: Acknowledge inclusion possibility
-question: Do you understand that under a Call-Off Procedure, a Buyer using the G-Cloud 15 Framework may include a quality requirement to a Call-Off Contract? Please refer to Attachment 2.
-depends:
-  - "on": "route"
-    being:
-      - isaas
-      - saas
-      - cloud-support
-type: boolean
-required_value: true
-validations:
-  -
-    name: not_required_value
-    message: You must select “Yes” to continue with your application
-  -
-    name: answer_required
-    message: You must select “Yes” to continue with your application

package/frameworks/g-cloud-15/questions/additional-lot-questions/understandCCSBuyersEvaluateQualityReq.yml DELETED Viewed

@@ -1,20 +0,0 @@
-name: Acknowledge evaluation requirement
-question: Do you understand that CCS and Buyers using the G-Cloud 15 Framework are required to evaluate quality requirements as part of a Framework and Call-Off Procedure?
-depends:
-  - "on": "route"
-    being:
-      - isaas
-      - saas
-      - cloud-support
-type: boolean
-required_value: true
-validations:
-  -
-    name: not_required_value
-    message: You must select “Yes” to continue with your application
-  -
-    name: answer_required
-    message: You must select “Yes” to continue with your application

package/frameworks/g-cloud-15/questions/additional-lot-questions/understandCCSEvaluateQualityResponse.yml DELETED Viewed

@@ -1,20 +0,0 @@
-name: Understand evaluation process
-question: Do you understand that CCS will evaluate your G-Cloud 15 quality requirements response as per the process described within Attachment 2.
-depends:
-  - "on": "route"
-    being:
-      - isaas
-      - saas
-      - cloud-support
-type: boolean
-required_value: true
-validations:
-  -
-    name: not_required_value
-    message: You must select “Yes” to continue with your application
-  -
-    name: answer_required
-    message: You must select “Yes” to continue with your application

package/frameworks/g-cloud-15/questions/additional-lot-questions/understandObligationToMeetQualityReq.yml DELETED Viewed

@@ -1,20 +0,0 @@
-name: Confirm compliance obligation
-question: Do you understand that, provided that it is relevant and proportionate, you will be obligated to meet the quality requirements included in the Call-Off Contract(s)?
-depends:
-  - "on": "route"
-    being:
-      - isaas
-      - saas
-      - cloud-support
-type: boolean
-required_value: true
-validations:
-  -
-    name: not_required_value
-    message: You must select “Yes” to continue with your application
-  -
-    name: answer_required
-    message: You must select “Yes” to continue with your application