Software as a Service (SaaS) Procurement
Obtain approval for digital procurement by completing a Work Request Form
On approval of request for procurement please engage with the following people/ teams to complete these essential requirements to start the procurement process.
The list below gives an indication of the processes and requirements with the relevant teams who will be able to guide you through the process depending on the product being procured. Please establish contact with each of those listed below simultaneously as the engagement itself is not sequential.
Software as a Service (SaaS) procurement phases
| Product selection & procurement* | Contract | Implementation |
|---|---|---|
| 2 months to 1 year | 1 to 3 months | 1 to 3 months |
*The timescales provided are indicative and could take considerably longer depending on the complexity of the product being procured and the procurement route selected e.g. a framework call off will generally be quicker than a standalone, open market procurement.
Early engagement with the procurement team is essential to ensure that timescales can be more accurately estimated. Early Engagement will also ensure that all procurement options can be considered – not just those that “work” within the remaining timescales.
Product selection and procurement
GDS spend control approval and delivery to service standards
Contact
Nikki Wilson and Rumman Amin (Digital)
Activities
- Spend control pipeline entry
- Self-assessment form
- End of discovery review
- Assurance plan (service standard assessment)
Duration: 2 weeks
Legal requirements for public sector procurement process.
Early engagement with procurement increases the likelihood of a successful procurement outcome.
Contact
David Minto (Procurement)
Activities
- Market engagement discussion
- Procurement route (framework or not)
- Procurement process
Duration: 2 weeks to 5 months
Legal and procurement process and contract
Contact
Helen Makin (Legal) legalland@homesengland.gov.uk
(Will be supplemented by the new Commissioning Form process)
Activities
- Pre-legal checklist
Duration: 2 weeks to 5 months
Compatibility with agency’s digital architecture, standards and principles and GDS technical code of practice
Guidance for non-digital project managers for engaging with InfoSec and Infrastructure (points 5 and 7 below)
Contact
Phil Gillibrand (Architecture)
Activities
- End-to-end design
- TDA approval
Duration: 3 weeks
Protect the agency’s digital systems and security of commercially sensitive data.
Assess the confidentiality, integrity and availability of the data stored and used.
Assess viability of the supplier.
Compliance with end-user license agreement, suitable for use in a commercial environment.
Contact
Robert Tong
Activities
- 3rd party questionnaire
- Non-standard software request form (if applicable)
- Data Protection Impact Assessment (DPIA)
- Review of legal contracts
Duration: 3 weeks
Data Protection and Privacy management of personal data
Contact
Activities
- Data Protection Impact Assessment (DPIA)
- Review of legal contracts
Duration: 2 weeks
Data transfer and connection to existing systems, single-sign-on, hosting server
Contact
Matt Palmer (Infrastructure)
Activities
If answer to any of the below is yes, please provide a technical specification document from the supplier
- Transfer of data from existing system or connection to existing system is required
- Users need to access the service without additional log-in
- Server is required to host the new service
Duration: 2 weeks
Discuss the post launch customer support and product development roles, responsibilities and requirements.
Contact
Simon Devine (Operations)
Activities
If answer to any of the below is yes, please provide a technical specification document from the supplier
- Who supports the product if something goes wrong?
- Notification
Duration: 2 days
Implications of data storage, access, reporting and connection to existing systems
Contact
James Dickman (Data)
Activities
- Data questionnaire
Duration: 2 days
Confirm funding source and cost centre.
Contact
DigitalPMOInbox@homesengland.gov.uk or Finance Business Partner
Activities
- Funding approval and cost centre allocation
Duration: 3 weeks
Contract
Delivery to GDS service standards
Contact
Nikki Wilson and Rumman Amin (Digital)
Activities
- End of Alpha review
- Spend control review
Duration: 2 weeks
Verify compliance with DPO and InfoSec requirements, draw up the contract
Contact
Helen Makin and legalland@homesengland.gov.uk
(Will be supplemented by the new Commissioning Form process)
Activities
- Contract
Duration: 2 weeks to 3 months
Contract details completion
Contact
Jill Tulip (Information Security)
Activities
- Contract approval sign-off form
- Contract instruction legal sheet
Duration: 2 days
Implementation
Delivery to GDS service standards
Contact
Nikki Wilson and Rumman Amin (Digital)
Activities
- End of Beta review
- Spend control review
Duration: 2 weeks
Legal obligation
Contact
DPO (Legal services)
Activities
- Record of Processing Activities (RoPA)
- Guidance on comms around rollout
- Privacy notice
Duration: 1 week
Data transfer and connection to existing systems, single-sign-on, hosting server
Contact
Matt Palmer (Infrastructure)
Activities
- Data connection transfer from existing system or connection to existing system
- Single sign-on for users
- Server to host the new service
Duration: 1 to 4 weeks
Create a ServiceNow entry (option when creating issue), catalogue entry (create a form specifically for the product) and resolver group
Contact
Simon Devine (Operations)
Activities
- Service request
Duration: 1 to 4 weeks
License management, renewal and compliance
Contact
Jill Tulip (Information Security)
Activities
- Update Software Asset Management tool (Service Now)
Duration: 1 day
Data flow connections and training
Contact
James Dickman (Data)
Activities
- Data flow between existing systems, running reports, training, contacts
Duration: 1 to 4 weeks