Project Overview

Organisation: XXX
Contract Title: National Intelligent Transport Infrastructure Modernisation Programme
Contract Value: £100 million over 7 years
Risk Level: High value / high risk
Procurement Route: Competitive Procedure with Negotiation (CPN) under the Public Contracts (Scotland) Regulations
Supplier: Large multi-national infrastructure and ICT provider
Purpose: Upgrade national network of roadside sensors, traffic management systems, and data platforms to improve safety, analytics, and real-time public information.

Why the Contract Was High-Risk

Strategic and Operational Importance

• This infrastructure underpins safety-critical systems (e.g., variable speed limits, incident detection)
• Failure would have direct public safety impact

Complex Multi-Technology Solution

• Integration of ageing legacy infrastructure with new digital systems
• Significant cyber security requirements
• Dependence on interoperability between multiple Scottish public bodies

Supplier Market Conditions

• Very limited supplier market (only 3 global providers)
• Known risk of over-reliance on one provider creating long-term lock-in

Financial & Commercial Exposure

• Long-term technology contracts historically have cost-creep risks
• Supplier previously had delivery delays on large UK programmes

Procurement Stage Risk Management

Early Market Engagement

XXX conducted:

 Prior Information Notice (PIN) with supplier briefings

• Discovery sessions with potential suppliers to test feasibility and innovation
• Publication of standardised SPD statements for consistent supplier responses

Robust Specification & Outcomes-Based Requirements

• Performance standards for system up-time, incident detection accuracy, and data latency
• Mandatory cyber-security controls aligned to Scottish Government Cyber Resilience Framework
• Clear exit and data handover requirements to prevent supplier lock-in

Multi-Stage Evaluation

• Technical capability weighting = 65%
• Commercial/price weighting = 35%
• Inclusion of scenario-based assessments and live demonstrations of key functionalities

Detailed Risk Allocation

• Supplier responsible for system performance and integration
• Authority retained responsibility for policy, governance, and network access permissions
• Shared risk register established before contract award

Contract Management Framework (Post-Award)

Governance Structure

Strategic Level (Quarterly)

• Senior Responsible Owner (SRO)
• Supplier’s Programme Director
• Independent Assurance Consultant
• Focus on: strategic risks, contract changes, long-term road map

Tactical Level (Monthly)

• Contract Manager
• Supplier Account Manager
• Performance and risk leads
• Review of KPIs, milestones, financials, workforce, supply chain, and cyber security posture

Operational Level (Weekly)

• Project delivery teams
• Issue logs, work package progress, testing results

 Key KPIs and Performance Measures

Contract Management Issues & Response

Issue 1: Supplier Delays on Critical Milestones

The Supplier fell 9 weeks behind schedule during Phase 1 due to shortages in specialist engineers.

Mitigation Actions

• Invoked the contract’s remedy plan clause requiring a detailed recovery plan within 10 working days
• A joint task-force was created including XXX technical specialists
• Supplier re-allocated additional resources from EU teams at their own cost
• Milestone re-baselining approved with no increase in contract price

Issue 2: Cyber security Vulnerability

Independent assurance testing discovered a medium-severity vulnerability in the cloud analytics module.

Mitigation Actions

• Immediate escalation to Strategic Board
• Supplier required to deploy emergency patch within 72 hours (as per contract)
• Additional penetration testing introduced quarterly

Issue 3: Supplier Financial Health Concerns

Market analysis revealed the Supplier parent company experienced losses in two consecutive quarters.

• Mitigation Actions
• Financial monitoring increased from quarterly to monthly
• Supplier required to provide updated financial statements and parent-company guarantees
• Contingency planning for partial or full supplier failure (including alternative suppliers and in-sourcing scenarios)

Continuous Improvement and Social Value Delivery

The supplier delivered several social and economic benefits:

• Apprenticeship programme with Scottish colleges (14 apprentices across digital engineering)
• Local supply chain development with 22 Scottish SMEs
• Traffic safety educational sessions delivered to schools in deprived areas.
  XXX tracked these commitments quarterly against the Fair Work and Community Benefits requirements

Contract Close-Out & Lessons Learned

Positive Outcomes

• National intelligence transport system modernised on time (after early recovery) and on budget
• Incident response times improved by 19%
• Availability levels exceeded the contractual requirement (achieved 99.95%)

Key Lessons Learned

1. Early, structured risk allocation prevented costly disputes later
2. Strong governance enabled quick escalation and resolution of issues
3. Independent assurance was critical to managing a complex digital contract
4. Market concentration risk must be continually monitored
5. Embedding exit planning from the start avoided long-term dependency