PCD 1798 Delivery of Modern Management for laptops

This paper requests approval to implement a more user-friendly, simpler and more efficient cost-effective cloud-based approach, known as ‘Modern Management’, for the deployment and ongoing management of laptop and desktops Windows based user devices. 

The Deputy Mayor for Policing and Crime, via the Investment Advisory and Monitoring meeting (IAM), is asked to: 

• Approve the implementation of modern management approach to build, deploy and manage Windows laptop and desktop user devices at a capital cost of £9.622m fully funded from the MOPAC approved DDaT Capital plan. 

PART I - NON-CONFIDENTIAL FACTS AND ADVICE TO THE DMPC 

1. Introduction and background 

1. The Met currently build and configure devices in a traditional and way requiring a ‘build centre’ and additional infrastructure. A move to a modern management approach will reduce costs, enable quicker deployment and introduce new capabilities such as biometric access that make it easier to log-on and improves security.  

2. Current MPS software stack including connectivity solution, desktop operating system and a number of components require replacement. Rather than replace on a like-for-like basis, an approach has been identified that provides business benefit and a better value offer with running cost savings that offset much of the investment required over time. 

3. The approach uses Microsoft cloud-based capabilities and is aligned to the Police Digital Service national blueprints.  

2. Issues for consideration 

1. A minimum viable product (MVP) solution has been proven to work in the Met environment. 

2. Moving to a Windows modern management approach offers numerous benefits, particularly in alignment with the New Met for London strategy. One of the primary advantages is the reduction in build and service costs over the medium term. By transitioning from legacy hardware and software management platforms to modern cloud solutions like Autopilot and Intune, DDaT can streamline processes and reduce the need for more expensive and inefficient build and deployment services. 

3. Financial Comments 

1. Commercially sensitive finance, commercial and legal detail has been redacted. This information is contained in the restricted section of the report. This is to ensure a compliant procurement process.  

2. The implementation of modern management approach to build, deploy and manage Windows laptop and desktop user devices at a capital cost of £9.622m fully funded from the MOPAC approved DDaT Capital plan.  

4. Legal Comments 

1. The Mayor’s Office for Policing and Crime (“MOPAC”) is a contracting authority as defined in the Public Contracts Regulations 2015 (“the Regulations”).  All awards of public contracts for goods and/or services valued at £214,904 or above shall be procured in accordance with the Regulations. This report confirms the value of the proposed contract exceeds this threshold.     

2. The routes to market are compliant with the Regulations and the proposed services are within the financial and technical scopes. 

5. Commercial Issues  

1. Devices can be compliantly procured via existing DDaT contracts however, where shown to be commercially beneficial, new contracts may be awarded.  More information is contained in the Part 2. 

2. This paper recommends the utilisation of the MPS existing managed service provider contracts to fulfil the requirements of this project.  

3. It has been confirmed that while the requirement is not within the scope of the core service charges of the managed service provider contract and is not available as a catalogue service offering, an amendment of those contracts is permitted.  

4. To determine that best value-for-money is achieved, a benchmarking activity against market options has been completed as well as reviews against previous projects of similar scale and complexity. Further information is contained in the restricted section of the report. 

6. GDPR and Data Privacy 

1. The MPS is subject to the requirements and conditions placed on it as a 'State' body to comply with the European Convention of Human Rights and the Data Protection Act (DPA) 2018. Both legislative requirements place an obligation on the MPS to process personal data fairly and lawfully in order to safeguard the rights and freedoms of individuals.  

2. Under Article 35 of the General Data Protection Regulation (GDPR) and Section 57 of the DPA 2018, Data Protection Impact Assessments (DPIA) become mandatory for organisations with technologies and processes that are likely to result in a high risk to the rights of the data subjects.  

3. The Information Assurance and Information Rights units within MPS will be consulted at all stages to ensure the programme meets its compliance requirements.  

4. The programme does not use personally identifiable data of members of the public, so there are no GDPR issues to be considered. 

7. Equality Comments   

1. MOPAC is required to comply with the public sector equality duty set out in section 149(1) of the Equality Act 2010. This requires MOPAC to have due regard to the need to eliminate discrimination, advance equality of opportunity and foster good relations by reference to people with protected characteristics. The protected characteristics are: age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex and sexual orientation. 

2. There are considered to be no negative equality or diversity implications arising from the award of contracts. 

8. Background/supporting papers 

None. 

Part 2 - This section refers to the details of the Part 2 business case which is NOT SUITABLE for MOPAC Publication.   

The Government Security Classification marking for Part 2 is: 

OFFICIAL-SENSITIVE [COMMERCIAL]  

Part 2 of the Delivery of Modern Management of End User Devices proposal is exempt from publication for the following reasons:  

Exempt under Article 2(2)(a) of the Elected Local Policing Bodies (Specified Information)  

• Order 2011 (Data Protection Section 43 - Trade Secrets and Prejudice to Commercial Interests).  

• Order 2011 (Data Protection Section 40 – Data Protection & Personal Information).  

• Order 2011 (Data Protection Section 42 – Legal Professional Privilege).  

The paper will cease to be exempt upon completion of the contract. This is because the information is commercially sensitive and could compromise future procurement activity.