Supporting ENISA for the provision of the EU Cybersecurity Reserve services to Union Entities

The European Union Agency for Cybersecurity (ENISA) has issued a call for tenders under the identifier ENISA/2025/OP/0007, focusing on the procurement of services to support the provision of EU Cybersecurity Reserve services for Union Entities. The estimated total value of the contract is €1,200,000, with a maximum duration of 36 months. This opportunity is categorized under an open procedure, and submissions are required to be sent electronically through the EU Funding & Tenders Portal.

The main classification for this tender is CPV 72000000, which encompasses IT services, including consulting, software development, and internet support. The tender seeks capable service providers with substantial cybersecurity expertise, and it is explicitly stated that it is not suitable for small and medium enterprises (SMEs). Quality will play a critical role in the selection process, with a weighting of 70% for quality and 30% for price.

Key dates include a submission deadline of October 31, 2025, at 10:00 Europe/Athens. The contracting authority will not respond to inquiries received after October 22, 2025, at 05:00 Europe/Athens. The documents necessary for submissions, including various annexes regarding administrative and technical specifications, subcontractor commitments, and financial offers, are available for potential applicants.

It is essential for bidders to carefully review the provided details and ensure that they adhere to all submission guidelines and deadline requirements. The project is positioned within operational stages, targeting the ongoing provision of established cybersecurity services rather than research or development initiatives. Overall, this tender represents a strategic move by ENISA to enhance the EU's cybersecurity infrastructure through expert service delivery.

The European Union Agency for Cybersecurity (ENISA) has published a call for tenders, ENISA/2025/OP/0007, to support ENISA in providing EU Cybersecurity Reserve services to Union Entities. This is an open procedure with electronic submission. The estimated total value of the contract is 1,200,000 EUR. The TED publication date was 01/10/2025. The lead contracting authority is the European Union Agency for Cybersecurity (ENISA). The main classification (CPV) is 72000000 - IT services: consulting, software development, Internet and support. The nature of the contract is for services, with a maximum contract duration of 36 months. The award method is best price-quality ratio, and it is a framework agreement without reopening of competition.

Key milestones include a TED publication date of 01/10/2025, a public opening date and time of 31/10/2025 at 13:00 Europe/Athens, and a deadline for receipt of tenders on 31/10/2025 at 10:00 Europe/Athens. The contracting authority is not bound to reply to questions submitted after 22/10/2025 at 05:00 Europe/Athens.

The available documents are:

EN01. EN-Invitation to tender ENISA2025OP0007 EUIBOAsInvitation letter, published on 01/10/2025, Version 1, No translations available.
EN02. Annex I Part 1 Administrative Specifications ENISA2025OP0007 EUIBOAsTender specifications - adm. part, published on 01/10/2025, Version 2, No translations available.
EN03. Annex I Part 2 Technical Specifications ENISA2025OP0007 EUIBOAsTechnical specifications, published on 01/10/2025, Version 1, No translations available.
ENAnnex 03 Agreement Power of attorney, Other invitation to tender document, published on 01/10/2025, Version 1, No translations available.
ENAnnex 04 List of identified subcontractors and proportion of subcontracting, Other invitation to tender document, published on 01/10/2025, Version 1, No translations available.
ENAnnex 05.1. Commitment letter by an identified subcontractor, Other invitation to tender document, published on 01/10/2025, Version 1, No translations available.
ENAnnex 05.2. Commitment letter by an entity on whose capacities is being relied, Other invitation to tender document, published on 01/10/2025, Version 1, No translations available.
ENAnnex 06 - Financial Offer F-OSU-25-T14, Financial offer form, published on 01/10/2025, Version 1, No translations available.
ENAnnex 07 Simplified Financial Statement, Other invitation to tender document, published on 01/10/2025, Version 1, No translations available.
ENAnnex 08 Project References List, Other invitation to tender document, published on 01/10/2025, Version 1, No translations available.

Submissions must be sent exclusively via electronic submission at the address provided.

Two questions and answers have been published:

Question 76125: Clarification requested on whether the tender is governed by section 3.1 (EU Cybersecurity Reserve) of the DEP Work Programme 2025-2027. Answer: The operational application of Appendix 3 of the Work Programme 2025-2027 on the Implementation of Article 12(5) for the procurement procedure at stake is detailed in the tender specifications. Published on 02/10/2025 22:30.
Question 75941: The document in the platform "02. Annex I Part 1 Administrative Specifications ENISA2025OP0007 EUIBAs" is incorrect. Answer: The respective document has been uploaded. Published on 01/10/2025 16:30.

In summary, this is a call for tenders by ENISA seeking support for the provision of the EU Cybersecurity Reserve services to Union Entities. It is an open procedure with a budget of 1.2 million EUR. The deadline for submitting tenders is October 31, 2025. The tender documents, including administrative and technical specifications, and necessary annexes for financial offers, subcontractor information, and project references, are available for download. Potential tenderers should pay close attention to the deadlines for submitting questions and the tender itself, and ensure they use the correct, updated versions of all documents. The tender is related to the EU Cybersecurity Reserve and the DEP Work Programme 2025-2027, as detailed in the tender specifications.

Eligible Applicant Types: The content does not explicitly specify the eligible applicant types. However, given that it is a call for tenders for services, it is likely open to economic operators such as companies, firms, including SMEs, and other organizations capable of providing the required IT and cybersecurity services.

Funding Type: Procurement. This is a call for tenders, which means it is a procurement procedure where the contracting authority (ENISA) is looking to purchase services from economic operators.

Consortium Requirement: The content does not explicitly state whether a single applicant or a consortium is required. However, the inclusion of documents like "List of identified subcontractors and proportion of subcontracting" and "Commitment letter by an identified subcontractor" suggests that consortia are permitted and potentially encouraged.

Beneficiary Scope (Geographic Eligibility): The content does not explicitly define geographic eligibility. However, given that it is an EU tender issued by ENISA, it is highly likely that the eligibility is primarily focused on entities within the EU and potentially the EEA.

Target Sector: The primary target sector is cybersecurity and IT services. The tender specifically mentions "Supporting ENISA for the provision of the EU Cybersecurity Reserve services to Union Entities" and the CPV code 72000000 refers to "IT services: consulting, software development, Internet and support".

Mentioned Countries: No specific countries are mentioned, but the opportunity is for "Union Entities," implying the European Union.

Project Stage: The project stage is for the provision of services, implying an operational or implementation stage rather than research or development. The services are intended to support the EU Cybersecurity Reserve, suggesting an ongoing or ready-to-implement project.

Funding Amount: The estimated total value of the tender is 1,200,000 EUR.

Application Type: Open call. The procedure type is explicitly stated as an "Open procedure".

Nature of Support: Non-monetary services. This is a procurement contract for services; therefore, the successful applicant will be providing services to ENISA rather than receiving money.

Application Stages: The content does not explicitly detail the number of stages. However, as a procurement procedure, it would typically involve at least two stages: submission of the tender and evaluation of the tenders.

Success Rates: The content does not provide information on success rates.

Co-funding Requirement: The content does not explicitly state whether co-funding is required. As a procurement contract, co-funding is generally not required.

Summary:

This is a call for tenders issued by the European Union Agency for Cybersecurity (ENISA) with the procedure identifier ENISA/2025/OP/0007. The tender aims to procure services to support ENISA in providing the EU Cybersecurity Reserve services to Union Entities. The estimated total value of the contract is 1,200,000 EUR, and the maximum contract duration is 36 months. The procedure type is an open procedure, and submissions must be sent electronically. The deadline for receipt of tenders is 31/10/2025 at 10:00 Europe/Athens. The award method is based on the best price-quality ratio, and the contract will be a framework agreement without reopening of competition. The tender is related to the DEP Work Programme 2025-2027, specifically concerning the EU Cybersecurity Reserve. The main classification (CPV) is 72000000, which refers to IT services, including consulting, software development, Internet, and support. Potential applicants should carefully review the administrative and technical specifications provided in the annexes to prepare a comprehensive and competitive tender. The contracting authority is not bound to reply to questions submitted after 22/10/2025 05:00 Europe/Athens.