Maintenance, servicing, and repair of security systems for the road accident fund (raf)

The Service Provider will handle RAF's confidential, private, personal, or sensitive information (files, data, documents) and must comply with the Protection of Personal Information Act (POPIA).

Must have policies and protocols in place to comply with RAF requirements and POPIA.

Must demonstrate capability to implement and maintain physical, digital, and cybersecurity measures.

Must have secure transportation, storage, and access control systems for confidential documents.

Must agree to RAF’s right to audit, monitor compliance, and conduct security vetting.

Must have a documented incident response plan and breach reporting procedures.

Subcontractors (if used) must meet the same eligibility and compliance standards.

The Service Provider must comply with the Protection of Personal Information Act (POPIA).

The Service Provider must implement comprehensive data protection and cybersecurity measures as required by the RAF's security policy. Key requirements include:

• Handle and process personal and sensitive data in compliance with applicable data protection laws.
• Implement safeguards against unauthorised access, disclosure, alteration, and destruction of data.
• Immediately inform the RAF of any data breaches or security incidents.
• Ensure subcontractors or third parties adhere to the same data protection and cybersecurity standards.
• Cooperate with RAF audits and monitoring of compliance.
• Maintain physical security measures including controlled access, surveillance, and 24/7 monitoring for document storage facilities.
• Have a fire suppression system (e.g., carbon dioxide fire extinguishers) on premises to protect documents.
• The RAF reserves the right to conduct security screening or vetting of company directors and resources.

The Service Provider's premises must have:

• A fire suppression system or similar (e.g., carbon dioxide fire extinguishers) to prevent damage or loss of documents in case of fire.
• Physical security measures including a secure perimeter, controlled access, surveillance systems, secure doors, locks, and alarms to prevent unauthorised access.

The Service Provider must adhere to RAF's security policy, which includes:

• Implementing robust data protection and cybersecurity measures.
• Reporting security incidents or data breaches to RAF promptly.
• Ensuring subcontractors comply with the same standards.
• Cooperating with RAF audits and monitoring.
• The RAF reserves the right to audit compliance and conduct security screening of directors and resources.

The Service Provider must implement specific security measures for handling RAF's confidential information, including:

• Secure document handling and transportation using lockable containers and a secure transportation system.
• Accurate record-keeping for document location, access history, and retention.
• Secure retrieval protocols verifying requester identity.
• Secure storage in lockable cabinets.
• Controlled and monitored access for authorised personnel only.
• Network security with firewalls, intrusion detection, and encryption.
• Document access control on a need-to-know basis.

Closing date and time: 18 June 2026 at 15:00. RFQ issued date: 11 June 2026. RFQ validity period: 30 days from the closing date. Expected service start date: From the date of the last signatory. No compulsory briefing session or site visit is scheduled.

Submission email: [email protected]. Enquiries email: [email protected]. Delivery address: RAF Head Office, 420 Witch Hazel Avenue, Eco-Glades 2, Centurion, 0046.

Submit your quotation via email to [email protected]. Failure to use this email address will result in disqualification. Late submissions will not be accepted. Ensure all Annexures (Standard Bidding Documents and Mandatory Evaluation documents) are completed and signed. If not contacted within 14 working days of the RFQ closing date, consider your quotation unsuccessful.

Scope: Maintain, service, and repair security systems at RAF Head Office on a month-to-month basis for up to 12 months. Frequency of visits: Once a week for most tasks, with ad-hoc requirements as needed. Technicians required: 4 per visit. Detailed tasks include: Access Control Database Maintenance: Analyze alarm reports, backup/restore data, archive offsite. Access Control Hardware: Clean equipment, check wiring, power supply, battery runtime, fingerprint readers, and release buttons. Turnstiles: Check functionality, clean, tighten components, service mechanisms. Boom Gates: Check functionality, wiring, rubber stops, screws, beams, timers, and service mechanisms. DVR/NVR: Verify recording time/date, clean equipment, adjust cameras, defrag drives. Cameras: Adjust/clean, check wiring, backup/restore data, archive offsite. CCTV Monitors: Check functionality, clean, verify wiring, panic buttons, and battery runtime. Alarm System: Check functionality, clean, verify wiring, panic buttons, and battery runtime. Intercom: Check functionality, clean, verify wiring and headsets. X-Ray Machines: Check condition, battery runtime, service mechanisms. Walk-Through Metal Detectors: Check condition, clean, service mechanisms. Fixtures: Inspect, repair, or replace as needed. Training and Support: Provide quarterly training to RAF employees. Monthly Maintenance Report: Submit a detailed report each month. Response Times: Priority 1 (Urgent): 1 hour. Priority 2 (High): 2 hours. Priority 3 (Medium): 3 hours. Priority 4 (Low): Normal schedule. Additional Requirements: Provide a job card for all visits. Supply hourly rates for work outside normal hours. Provide invoices for replacement parts.

Pricing must be in South African Rand (ZAR) and VAT-inclusive if VAT-registered. Non-VAT-registered suppliers must not charge VAT or risk disqualification. Complete the pricing table in Annex E for evaluation. Only prices in the table will be considered; incomplete tables will lead to disqualification. No price changes allowed after the Award Letter/Purchase Order (PO) is issued. Additional costs: Call-out fee: R per instance. Labour rate (during working hours): R per hour (specify working hours). Labour rate (outside working hours, including weekends/public holidays): R per hour. Travel rate: R per km (up to 50 km, based on AA rates approved by SARS). Material markup: Specify percentage for hardware (must provide supplier quotations for verification).

Mandatory compliance documents: Valid PSIRA letter of good standing for the company and all directors. Valid PSIRA certificate for the registered company. Valid COIDA letter of good standing (not older than 12 months) for categories including Security Systems, Biometrics, CCTV, Access Control, Fire Detection, Electrical Installation, Security Alarm Systems, IT, Software Installation, Burglar Alarm Installation, Electronic Security Solutions, and Security Equipment Installation. Tax compliance: Must be in good standing with SARS. CSD registration: RAF will only conduct business with CSD-registered suppliers. B-BBEE: Points for HDI (51%+ ownership), women (51%+ ownership), or disability (51%+ ownership) will be verified via CSD. Disability proof: Valid medical certificate required for disability claims. Anti-collusion: Submitting multiple proposals from entities with common directors/shareholders will result in disqualification. Anti-corruption: Prohibited from offering gifts, hospitality, or benefits to RAF officials. Report any solicitation to the RAF fraud line at 0800 005919 or risk being blacklisted.

The successful bidder must comply with the Occupational Health and Safety Act. A valid COIDA letter of good standing (not older than 12 months) is mandatory for categories including Security Systems, Biometrics, CCTV, Access Control, Fire Detection, Electrical Installation, and related fields.

Mandatory compliance requirements: 1. Valid PSIRA letter of good standing for the company and directors. 2. Valid COIDA letter of good standing (not older than 12 months) for relevant security categories. 3. Valid PSIRA certificate for the registered company. All documents must be submitted by the RFQ closing date and time. RAF reserves the right to validate all submissions.

Delivery address for goods/services: RAF Head Office, 420 Witch Hazel Avenue, Eco-Glades 2, Centurion, 0046.

The extracted text does not contain the tender description. The tender title indicates: Security systems maintenance, service and repair on a month-to-month basis for a period not exceeding twelve (12) months.

Department: Supply Chain Management. No specific contact name, email, phone, or physical address provided in the extracted text.

The extracted document contains only SBD4 (Bidder's Disclosure form). No specific submission guidelines, deadline instructions, or returnable document list were found in the provided text. Bidders must obtain the complete tender document for full submission requirements.

Persons or enterprises listed in the Register for Tender Defaulters and/or List of Restricted Suppliers will automatically be disqualified. Bidders must not have any director/trustee/shareholder employed by the state without disclosure. Bidders must not have undisclosed relationships with procuring institution employees. Bidders must not have collusive arrangements with competitors. All certifications must be accurate - false declarations may result in bid rejection or legal action.

SBD4 Bidder's Disclosure requirements identified:

• Bidders listed on the Register for Tender Defaulters or List of Restricted Suppliers will be automatically disqualified
• Bidder must declare if any directors/trustees/shareholders/members/partners or persons with controlling interest are employed by the state
• Bidder must declare any relationship with persons employed by the procuring institution
• Bidder must declare any interest in other related enterprises
• Bidder must certify that the bid was submitted independently without consultation, communication, agreement or arrangement with any competitor regarding quality, quantity, specifications, prices, market allocation, or bidding intention
• False declarations may result in referral to the Competition Commission, National Prosecuting Authority, or restriction from public sector contracts for up to 10 years under the Prevention and Combating of Corrupt Activities Act

SBD4 Declaration Requirements:

• Complete declaration if bidder or any director/trustee/shareholder/member/partner with controlling interest is employed by the state (furnish names, identity numbers, employee numbers)
• Declare any relationship with persons employed by the procuring institution
• Declare any interest in other related enterprises
• Certify bid was arrived at independently without consultation or arrangement with competitors
• Certify no disclosure of bid terms to competitors prior to bid opening
• Certify no improper communication with procuring institution officials during the process
• Accept consequences under PFMA SCM Instruction 22 if declaration is false