EU solidarity with Ukraine

Call for tenders' details

Please note that Section 6.5 of the Annex 4 - Terms of Reference - has been slightly amended. Therefore, the deadline for receipt of tenders has been extended until 10/07/2020. If possible, please send electronic documents scanned with OCR (optical character recognition) on. Thank you!
Title:
Provision and Management of Necessary Transversal Cloud Security and Integration...
Contracting authority:
European Investment Fund
TED publication date:
25/05/2020
Time limit for receipt of tenders:
10/07/2020
Status:
Closed
Hide filter parameters
Filter parameters


Results per page: 10 | 25 | 50 221 Questions found, displaying 1 to 50.[First/Prev] 1, 2, 3, 4, 5 [Next/Last]
# Question Answer Last publication date Status
221
For the last 3 years of Services, the Service Provider should be able to apply annual indexation rates [...]
EIF authorises the increase probably indexed on consumer price index. An average of this last index for [...]
22/06/2020
220
According to Appendix 2 of Annex 5a, “Assignments which started before this three (3) years period but [...]
The Tenderer has to provide three (3) relevant and verifiable references of assignments carried out in [...]
19/06/2020
219
According to page 2 of the General Administrative and Submission Clauses, point 5, “Tenders must be drawn [...]
It is a correct understanding.
19/06/2020
218
In case a consortium submits a joint tender, we understanding that: a) Annexes 4, 5a, 6, 7, 8 must be [...]
In case a consortium submits a joint tender, Annexes 1, 4, 5a, 5b, 6, 7, 8 must be initialed and signed [...]
19/06/2020
217
2. Could EIF please confirm our understanding: 2.1 For joint tenders the award criteria shall be evaluated [...]
It is a correct understanding.
19/06/2020
216
In case of a joint tender, compliance with the selection criteria will be evaluated as a whole or compliance [...]
According to Section 6.5.1 of Annex 4 - Terms of Reference: Joint Tenders submitted by consortia or joint [...]
19/06/2020
215
According to the General Administrative and Submission Clauses, page 1/4, the tenderer should send its [...]
It is a correct understanding. You need to upload the Tender on SmartShare before the indicated deadline [...]
19/06/2020
214
It is our understanding that we need to provide along with the paper copy of the Offer, one USB which [...]
It is a correct understanding - one USB with the Technical and the Financial Offer.
19/06/2020
213
With reference to General Administrative and Submission Clauses regarding the documents to be submitted [...]
Annex 1 “Tenderer Contact sheet” should be filled, signed and submitted by the Lead Partner. Information [...]
19/06/2020
212
For the provision of the security services, additional specific terms and conditions might be required [...]
It depends what is included in those additional specific terms and conditions and whether they do not [...]
19/06/2020
211
"For each qualified Tender, the Financial offer will then be verified, where the Financial offer found [...]
Let's consider the best offer which would get a score of 100 for a price of P (considering that services [...]
19/06/2020
210
Considering the ongoing Covid19 situation, we are having restricted access to our office premises and [...]
All tenders still need to be submitted in both ways - in paper and electronically.
19/06/2020
209
According to your instructions the final tender needs to be submitted to EIF by two ways, electronically [...]
All tenders still need to be submitted in both ways - in paper and electronically.
19/06/2020
208
Regarding documents which require signature, can EIF confirm that two ways of signing is accepted, i.e [...]
We confirm.
19/06/2020
207
“Tendering organisations must submit a full dossier, each page of which must be initialled. Paper version [...]
Please initial each page of the original tender (paper version). The electronic version of the tender [...]
19/06/2020
206
“The Tender must be delivered either by registered post OR by messenger or courier at the reception desk [...]
We confirm. In case of dispatch of the proposal per courier DHL/UPS, the evidence of the postmark (i.e [...]
19/06/2020
205
The total annual turnover associated with the type of Services, to which the Tenderer is tendering should [...]
In the described case the annual accounts of the main tenderer are sufficient.
19/06/2020
204
Could you please explain the following requirement "Where applicable, a confirmation that the required [...]
This sentence shall be read as 'if applicable'. If not applicable, then there is no need for this kind [...]
19/06/2020
203
It is our understanding that each Assignment Reference Table (ART), should be presented separately and [...]
It is a correct understanding. Please not that an ART consists of the three (3) pages and all the pages [...]
19/06/2020
202
It is our understanding that in the provided table we should present the overall annual turnover of the [...]
It is a correct understanding.
19/06/2020
201
In case a tenderer relies on the capacities of the subcontractors in order to fulfil the selection criteria [...]
It is a correct understanding. But please note that this information has to be indicated also in the [...]
19/06/2020
200
Declaration on Honour, section VII - SELECTION CRITERIA, points (a) and (b), it is our understanding [...]
It is a correct understanding. But please note that the tenderer, each consortia member and each subcontractor [...]
19/06/2020
199
We have several questions: 1. What types of hardware or virtual storage does EIF request for support [...]
The SFTP solution can come with its own low level technical features/requirements. The SFTP server currently [...]
19/06/2020
198
We have several questions: 1. Beside of GDPR, is there any other security standards/regulations/compliances [...]
1. EUDPR is indeed very important. There is no specific EU regulation that we can think of to date but [...]
19/06/2020
197
What are encryption performance and UX requirements - number of messages, files, records in DB ? Prefference [...]
We are talking about a number of files of about 200k. DB wise, overall 300M records.
19/06/2020
196
Is PKI infrastructure with policies set available to certify assymmetric encryption keys ?
No PKI dedicated to EIF is currently available. Public EIF certificates are generated by Globalsign with [...]
19/06/2020
195
Is any Key management system (in any form - proces-paper-application driven) in place already with established [...]
Today we have ad hoc encryption on a per Cloud application basis. EIF Cloud Providers are using the existing [...]
19/06/2020
194
Are any cryptographic devices (HSM, cloud key vaults, smartcards) already available at EIF for encryption [...]
Today we have ad hoc encryption on a per Cloud application basis. EIF Cloud Providers are using the existing [...]
19/06/2020
193
Are encryption services required to provide both symmetric and assymmetric encryption schemas ?
Both are required indeed.
19/06/2020
192
What sharing solution is used since it needs to be extended by Encrpytion/sharing?
The need is to define the solution from scratch and not adapt any other solution.
19/06/2020
191
What purposes is the adhoc file encryption/sharing solution required for? - Endpoint (workstation, mobile [...]
EIF would need an application that targets 25 users initially and up to 50 users. This solution is for [...]
19/06/2020
190
What type of data need to be encrypted? - data and documents in rest in databases, shared storage, cloud [...]
Today we have ad hoc encryption on a per Cloud application basis. EIF Cloud Providers are using the existing [...]
19/06/2020
189
What purposes are the Generic additional Encryption services required for ? - for Data encryption on [...]
Today we have ad hoc encryption on a per Cloud application basis. EIF Cloud Providers are using the existing [...]
19/06/2020
188
What are regulations (internal, local, global) which enforce encryption and according to which the Encryption [...]
There is no EU regulation that "enforces" encryption. EU Commission said repeatedly it does not want [...]
19/06/2020
187
Is the limit of 3 References applicable for the whole proposal and scope of project or for each of specific [...]
3 references are foreseen for the whole scope (a reference may cover different services) but it may not [...]
19/06/2020
186
(4.1.11) Are there any specific requirements regarding the scope (type) of penetration testing and whether [...]
The overall plan is to cover all EIF cloud applications on a yearly basis. We may indeed discuss early [...]
19/06/2020
185
(4.1.1) Where are Group Data Warehouse and Business Modelling tool hosted?
The group DWH is hosted internally by EIB. The business process tool is in the cloud (Azure).
19/06/2020
184
Are you planning to integrate the IAM system with SIEM/ticketing solution/PAM solution? Will this be [...]
SIEM and ticketing system are in the scope. For PAM this has not been requested explicitly but would [...]
19/06/2020
183
Do you have a privileged access management system in place? How is privileged access currently managed [...]
No we do not have such infrastructure in place yet. High privileges are only managed at application level [...]
19/06/2020
182
Where are these systems hosted? For e.g. on premises, cloud, which cloud provider?
All these systems are hosted in the Cloud (AWS or Azure).
19/06/2020
181
What are type of systems which are in scope for integrating with IAM system? For e.g. Active Directory [...]
See part 4.1.5.6. We are only talking about EIF cloud business applications.
19/06/2020
180
How many applications do you plan to onboard into the IAM system as part of this project?
Today, we have 5 applications but number is likely to increase (double or even more) in mid-long term [...]
19/06/2020
179
How is access currently provided/updated/revoked?
This part is being managed by EIF and follows an internal process with manual operations to date. This [...]
19/06/2020
178
What authority is currently being used to authenticate users? For e.g. LDAP authentication, database [...]
OneLogin has an embedded directory and authenticates users itself either by password or with a specific [...]
19/06/2020
177
What mechanisms are you currently using for providing SSO authentication? For e.g. Windows domain, Portal [...]
OneLogin is a portal application with embedded Identity management features.
19/06/2020
176
If the scope of the project is only limited to enable SSO capabilities, have you considered any SSO vendor [...]
No, we are vendor agnostic. There is a solution in place (OneLogin) but outlook is totally open.
19/06/2020
175
Have any systems already been configured to support SSO capabilities?
See part 4.1.5 of Annex 4 document. Current system is OneLogin.
19/06/2020
174
In the context of an IAM solution have you considered capabilities such as Identity Governance and Management [...]
In short/mid terms we only look at the "SSO/authentication" capabilities. In mid-long term, we may federate [...]
19/06/2020
173
For how many users are you planning to enable IAM/SSO capabilities?
Please see #4.1.5.4. 800 "internal users" and up to 1200 external users. External users seats are not [...]
19/06/2020
172
Can you provide the background information about the problem statement that should be solved with this [...]
There is no "problem statement" to mention, just the need and will to improve EIF services delivery in [...]
19/06/2020