Winning UK public sector AI tenders: a guide for SME suppliers

UK public sector AI procurement is dominated by Crown Commercial Service (CCS) frameworks, with G-Cloud and Digital Outcomes and Specialists (DOS) the two routes most SME AI suppliers need to be on. Public buyers also expect a clear baseline of security certifications, data protection evidence, and alignment with the DSIT AI Playbook published in February 2025. SMEs that can demonstrate this baseline alongside named delivery outcomes win more often than larger competitors. This guide covers which frameworks to register on first, when G-Cloud beats DOS, the security and governance evidence buyers actually score, how the AI Playbook shapes evaluation, and the bid failure modes we see most often in 2026.

Which UK public sector frameworks should AI suppliers be on?

The two anchor frameworks for AI suppliers selling into UK government are the Crown Commercial Service G-Cloud framework (currently in its fourteenth iteration, G-Cloud 14, with refresh cycles approximately every 12 months) and the Digital Outcomes and Specialists framework (now operating under successor arrangements as DOS 6 and follow-on iterations). Both are operated by Crown Commercial Service, the central buying organisation for UK government, and both make up a substantial share of the SME-accessible public sector AI spend in 2026.
G-Cloud is the framework for cloud-hosted software, hosting, and cloud support services sold on a published rate-card basis. AI products sold as a SaaS subscription, AI-powered cloud services, and supporting cloud consulting all map naturally to G-Cloud lots. DOS is the framework for outcome-based digital delivery: an SME bidding to design, build, or operate a digital service for a public buyer typically does so through DOS rather than G-Cloud. AI capabilities embedded inside a wider digital build (a service team building an AI-assisted application, for example) usually sit inside a DOS opportunity rather than as a standalone G-Cloud purchase.
Beyond the two anchor frameworks, suppliers may also encounter the Spark DPS (digital procurement of innovative technology), sector-specific frameworks (NHS Shared Business Services for healthcare, for example, or local authority frameworks operated by YPO and ESPO), and one-off competitive procurements run under the Procurement Act 2023 (which came into force on 24 February 2025). The shape of the procurement market changes year on year as new frameworks launch and existing ones refresh; if a framework detail cannot be verified against an official source at the time of writing, treat it as indicative and confirm against the CCS website before basing a go-to-market decision on it.
Practical sequencing for an SME AI supplier in 2026: register on G-Cloud at the next refresh window with a small number of well-defined service entries, treat DOS opportunities as case-by-case bid decisions rather than a permanent presence, and watch sector frameworks for fit. For an end-to-end view of enterprise-scale AI procurement, see our enterprise AI service.

G-Cloud vs Digital Outcomes and Specialists: which fits an AI build?

G-Cloud is the right framework when the supplier is selling a productised cloud capability with a published rate card; DOS is the right framework when the buyer needs an outcome built or a team supplied for a defined period. The mistake suppliers make most often is to default to G-Cloud because it is easier to register on, and to miss DOS opportunities that better match what they actually deliver.

| Engagement shape | Better-fit framework | Why |
|---|---|---|
| Productised AI SaaS subscription, hosting, cloud support | G-Cloud | Sold on rate card, no bespoke build, instant call-off after framework selection |
| Buyer needs a digital service built or operated for them | DOS | Outcome-based bid, named team and approach, time-boxed delivery |
| Buyer needs a specialist (data scientist, ML engineer, ethics lead) for a fixed period | DOS Specialists lot | Day-rate engagement against a role profile |
| Innovation pilot, novel use case, no clear off-the-shelf fit | Spark DPS or competitive procurement | G-Cloud and DOS assume a more mature product or service fit |

G-Cloud opportunities are short. A buyer searches the Digital Marketplace, shortlists a small number of services that meet the requirement, and awards. The supplier sees the requirement only at the call-off stage, often with a 2 to 4 week response window. The competitive edge on G-Cloud comes from clear, jargon-free service descriptions, accurate and competitive day-rates or unit pricing, and answers to the standard buyer questions on data residency, security certifications, and exit and offboarding terms.
DOS opportunities are longer and more involved. Suppliers respond to a written brief with a method statement, named team, day-rates per role, and worked examples. Shortlisted suppliers are typically invited to a clarification or written assessment stage. The competitive edge on DOS comes from named, relevant case studies, a delivery method aligned to the GDS Service Standard where applicable, and a clear answer on how the team will integrate with the buyer's existing service team. For complementary implementation guidance, see our AI implementation service.

What baseline security and governance does a public buyer expect?

The minimum baseline expected of a UK public sector AI supplier in 2026 is Cyber Essentials Plus, ISO 27001 certification or a documented equivalent information security management system, UK GDPR compliance evidenced through a current Data Protection Impact Assessment (DPIA) for the proposed processing, and a clear statement on data residency. Buyers handling more sensitive categories (NHS patient data, criminal justice data, certain Home Office workloads) will require more.
Cyber Essentials is a UK government scheme administered by the National Cyber Security Centre (NCSC) through accredited certification bodies. The base Cyber Essentials certification is the floor for most central government work; Cyber Essentials Plus adds independently verified technical assessment and is required for supplier engagements involving more sensitive data or where the buyer's procurement policy mandates it. Plan on annual renewal for both. ISO 27001 certification is the international standard for information security management systems; for many buyers it is required outright, and for the rest it is a strong scoring factor in evaluation.
For staff working on UK public sector contracts, several roles require security clearance. BPSS (Baseline Personnel Security Standard) is the entry-level check expected of most supplier staff. SC (Security Check) clearance is typically required for staff with regular access to SECRET-level information; CTC and DV are higher levels relevant to a smaller subset of work. The lead time for SC clearance is several months, and only certain employers can sponsor candidates through the process. IR35 status determination is a separate workstream that public buyers handle as part of the contract.
For AI-specific governance, buyers increasingly expect a documented model risk position covering training data provenance, hallucination and bias mitigation, human oversight points, monitoring and incident response, and a fair-use position on training data. The relevant adjacent UK references are the ICO's guidance on AI and data protection, the NCSC's guidance on the secure use of AI, and the DSIT AI Playbook (covered next). For the wider compliance picture, see our 2026 UK AI compliance checklist and our ISO 42001 AI management system guide.

How does the DSIT AI Playbook shape evaluation?

The DSIT AI Playbook for the UK government, published in February 2025 by the Department for Science, Innovation and Technology with the Central Digital and Data Office, is the canonical reference for how public sector buyers should think about AI deployment. It sets out ten principles covering meaningful human control, model lifecycle management, transparency, security, public engagement, ethics, value for money, openness, lifecycle accountability, and capability building. Public buyers reference these principles in evaluation criteria, and a supplier bid that demonstrates alignment to them tends to score better than one that ignores them.
The practical implication for an SME bid is that the Playbook gives suppliers a free framework for the governance section of any proposal. Where a buyer's evaluation criteria are not explicit on AI governance, structuring the supplier's response around the ten Playbook principles puts the bid in the language the evaluators are reading every day. Where the evaluation criteria are explicit, mapping each criterion to the relevant Playbook principle in the response makes the evaluator's scoring job easier and is usually rewarded.
Three Playbook themes do most of the work in evaluation. Meaningful human control means specifying where a human reviews, approves, or overrides AI output and how that workflow is evidenced in audit logs. Lifecycle management means showing that the supplier monitors the model in production for performance drift, bias, and security regressions, and that there is a documented process to retrain or roll back. Transparency means giving the buyer (and ultimately the public) a clear, jargon-free explanation of what the AI does, what data it uses, and what its limitations are.
The Playbook is not a procurement requirement in its own right, but it is the lens through which buyers in central government departments interpret value-for-money, ethics, and risk in AI procurements. An SME bid that quotes the Playbook directly, addresses each of the ten principles in proportion to the procurement, and provides a worked example of each in the supplier's existing delivery is materially harder to mark down than a bid that does not. For a worked public sector AI delivery example, see the Essex Parish Councils case study.

What are the most common bid failure modes?

Five failure modes account for most lost SME AI bids in UK public sector procurement. The first is missing security evidence: a supplier responds without Cyber Essentials Plus or ISO 27001 in place and is screened out before the technical evaluation. The second is generic case studies: the worked examples are commercial-sector deployments with no public sector or regulated industry analogue, and the evaluator cannot map them to the buyer's context. The third is vague pricing: rate cards or cost models that hedge so heavily on assumptions that the evaluator cannot compare them to other bidders.
The fourth and fifth are more specific to AI. Fourth, an unclear position on training data and model lifecycle: the bid does not say whether buyer data is used to train the supplier's models, where the model is hosted, what the data residency position is, what happens to the data on contract termination, or how the model is monitored in production. Fifth, no named outcomes: the bid promises capability ("we will deploy AI") without committing to a measurable outcome ("the system will reduce average case-handling time from X to Y, measured against a baseline established in week 4"). For the broader strategy work that should sit behind a bid, see the strategy section of the Knowledge Hub.

Frequently asked questions

- Which framework should an SME AI supplier register on first?
  G-Cloud is usually the right first framework because the registration burden is lower, the call-off cycle is short, and a wide range of AI SaaS and cloud consulting fits naturally onto it. DOS is worth registering on if the supplier delivers outcome-based digital projects or supplies named specialists, but the response burden per opportunity is higher. Watch the CCS refresh schedule for both, as missing a refresh window means waiting until the next iteration.
- Is Cyber Essentials enough, or do I need Cyber Essentials Plus?
  Cyber Essentials is the floor for most central government work, but a growing share of opportunities (and almost all opportunities involving more sensitive data) require Cyber Essentials Plus. The independent assessment in CE Plus also adds credibility on commercial bids, so most SME AI suppliers selling into public sector eventually move to CE Plus regardless of the strict requirement. Plan on annual renewal and budget for the assessor cost.
- Do my consultants need SC clearance to work on UK public sector contracts?
  It depends on the workload. BPSS (Baseline Personnel Security Standard) is the entry-level check expected of most supplier staff and is straightforward to obtain. SC (Security Check) clearance is typically required for staff with regular access to SECRET-level information and takes several months to process. Only certain employers can sponsor candidates through SC; check with the contracting authority before assuming staff can be deployed on day one.
- What are typical day-rates for AI specialists on DOS?
  Day-rates on DOS vary widely by role seniority and clearance level, but published award data and CCS guidance set out indicative bands. SME suppliers competing on price should reference the latest CCS day-rate benchmarks rather than a commercial rate-card; bids that price materially above the published bands without clear justification tend to score poorly on value for money. Realistic ranges sit substantially below the equivalent rates charged by the largest systems integrators, which is part of the SME competitive advantage.
- Why do most SME public sector AI bids actually fail?
  The most common reasons are missing security evidence (no Cyber Essentials Plus or ISO 27001), generic non-public-sector case studies, vague pricing, an unclear position on training data and model lifecycle, and capability promises without measurable outcomes. Each is fixable before the bid; together they account for most preventable losses. The bids that consistently win combine a clean security baseline, public-sector-relevant case studies, transparent pricing, a clear AI governance position, and named outcomes the supplier is willing to be measured against.