People 13,000 +
Following a rigorous and detailed RFQ process, Nottingham City Council chose Chess as their partner to deliver a programme of penetration testing.
Chess was selected on a range of criteria including competitive pricing, technical expertise, experience and supplier fit.
Of particular note for the Council’s IT team was Chess’s willingness to engage closely during both the scoping and delivery phases, and their professional and seamless approach. What particularly impressed them was how easy the Chess team was to work with from start to finish.
The Business Challenge
As a member of the Government’s Public Services Network (PSN), Nottingham City Council is required to subject its network security infrastructure to a thorough annual health check. The person responsible for identifying the supplier to carry out the penetration testing is Mark Smith, Server Support Manager. The council has a policy of regularly rotating suppliers, and all new projects are put out to tendering or RFQ process by a minimum of three potential providers. have purchased which kinds of course for what reasons.
As an existing supplier of security solutions to the council, Chess was invited to submit a proposal, along with two other potential penetration testing service providers. A key factor used to evaluate bids is the final price of the solution – in common with all public sector organisations – but others include the supplier’s technical expertise, industry accreditations, track record, supplier fit and general approach to working with the council.
Chess won the bid on a combination of factors including its CREST accreditation, consultative approach, flexibility, track record and price competitiveness. After an exhaustive review of the competitive responses to the RFQ, which involved a second round of bids and a consultative negotiation, Mark Smith selected Chess to carry out an intensive two-week programme of penetration testing.
Mark was impressed with Chess’s approach during the bidding process, in particular with responses to questions concerning the submitted proposal. The overall quality of response from Chess, the price point, which was competitively priced and 2-3 times less expensive than rival bids, and the professionalism of the team involved all led Mark Smith to conclude that Chess should be entrusted with the penetration testing work.
From the initial engagement on scoping and pricing to prepping the council team and delivery of the testing, Chess showed a willingness to fit in the testing work around the Nottingham City Council IT team’s existing commitments.
While the technical work was being carried – both on site at the council offices and remotely – Chess showed complete thoroughness and professionalism in its work. Around the time that Chess started the penetration test work, two new members of staff had started in the council IT security team. Chess’s security engineer was happy to bring them in on the project and explain the testing process, the types of vulnerability being searched for and procedures for logging discrepancies and mitigating issues.
Mark Smith sums up Chess’s approach: Once the testing phase was complete, Chess delivered the report quickly. A team from Chess including a senior director presented the results to senior executives at Nottingham City Council, answered questions and provided interpretation and context for the scores. A
Asked whether they would use Chess for cybersecurity services again, the response from Mark Smith is an unqualified “Yes”.
"We needed to find a way to meet very tight budget constraints. Of the suppliers we spoke to, only Chess demonstrated what we felt was a genuine desire to engage with us to reach a workable solution for both parties. I’d recommend Chess not just for their expertise in the whole cybersecurity area, but for their personalised and professional approach."
Mark Smith, Server Support Manager, Nottingham City Council
How Can We Help?
You'll find lots of helpful information in our FAQ section, and you can contact us by email, via customer portal or by phone.
For general queries or to report a non-urgent fault, please log a ticket on our customer portal, here, using the email address associated with your account. (Email address reminders can be requested at: firstname.lastname@example.org) Logging a ticket is really quick and easy to do and once you have logged your ticket, we will respond within 24 hours or your Service Level Agreement, whichever is quicker
If you have an urgent fault, please call 0344 770 6000, and choose Option 2
To pay your bill, please call 0344 770 6000 and choose Option 3
To discuss new products or services, please call our specialist sales teams, on 0344 770 6000