Information requested
I am conducting a research project into how public sector organisations procure cyber security services and enterprise software platforms. As part of this, I would be grateful if you could provide the most recent contract information you hold for the following areas:
- Standard Firewall (Network)
Firewall services that protect the organisation’s network from unauthorised access and other internet security threats.
- Anti-virus Software Application
Programs designed to prevent, detect, and remove viruses, malware, trojans, adware, and related threats.
- Microsoft Enterprise Agreement
A volume licensing agreement that may include:
- Microsoft 365 (Office, Exchange, SharePoint, Teams)
- Windows Enterprise
- Enterprise Mobility + Security (EMS)
- Azure services (committed or pay-as-you-go)
- Microsoft Power BI
Or any alternative business intelligence platform used for data connectivity, dashboards, and reporting.
For each of the above areas, I kindly request the following:
- Who is the existing supplier for this contract?
- What is the annual spend for each contract?
- What is the description of the services provided?
- Primary brand (where applicable)
- What is the start date of the contract?
- What is the expiry date of the contract?
- What is the total duration of the contract?
- Who is the responsible contract officer?
- Please include at least their job title, and where possible, name, contact number, and direct email address
- How many licences or users are included (where applicable)?
Important Notes
- I do not request any technical specifications such as device models, serial numbers, IP ranges, or site-level infrastructure details that may pose a security or operational risk.
- >If full disclosure of named personnel is not possible under Section 40 of the FOI Act, I would still appreciate disclosure of job titles and generic contact information, such as a team inbox or switchboard extension.
- If any commercial sensitivities under Section 43 apply, I respectfully request a clear explanation of the specific harm expected from disclosing aggregated annual spend or supplier names, especially where the contract has already been awarded.
- This request is made in line with the principles of the Procurement Act 2023, which reinforces the importance of transparency and public access to contract information, particularly around supplier identity, contract value, and duration.
NHSCFA response
- Standard Firewall (Network)
Firewall services that protect the organisation’s network from unauthorised access and other internet security threats.
- Network firewalls are provided as part of an outsourced network contract which is owned and managed by the NHSBSA under an MOU.
- All other firewalls are configured within and as part of our cloud infrastructure supported by a CSP. They are not procured separately from that cloud infrastructure.
- Anti-virus Software Application
Programs designed to prevent, detect, and remove viruses, malware, trojans, adware, and related threats.
- >End-user AV application and support is provided to the NHSCFA under a central agreement/contract owned and managed by NHS England. We do not procure AV software separately.
- Microsoft Enterprise Agreement
- Microsoft Power BI
All NHS Counter Fraud Authority contract information is published at www.contractsfinder.service.gov.uk
Microsoft Enterprise Agreement - Contracts Finder
NHSCFA Microsoft Licence Solution Partner - Contracts Finder
The M365 licenses include Power BI. NHSCFA does not have Power BI under a separate agreement or contract.
The NHSCFA Technology Unit has responsibility for the contracts. Any enquiries should be sent to enquiries@nhscfa.gov.uk and the request will be passed to the responsible officer.