Broad-Based Black Economic Empowerment Act (B-BBEE Act)
Act 53 of 2003
Provides the empowerment-compliance context often used in public-sector supplier evaluation.
Relevant because this is a South African public-sector procurement opportunity.
Documents available on tender detail page
Tender Type
Request for Quotation
Delivery Location
32 Jones Road, Airways Park, Johannesburg (Head Office) - Kempton Park - Isando - 1627
Organization Type
GOVERNMENT
Published
02 Jul 2026
OCDS Reference
ocds-9t57fa-160929
South african airways (pty) limited seeks a supplier to provide, implement, and operate the zscaler app and platform as a fully managed security service. This RFQ targets IT security vendors capable of delivering enterprise-grade cloud security solutions under a managed service model.
Date & Time
Friday, 10 July 2026 - 16:00
Venue
null
Categories
Request for Quotation
32 Jones Road, Airways Park, Johannesburg (Head Office) - Kempton Park - Isando - 1627
02 Jul
2026
Tender Published
Tender was published
10 Jul
2026
Closing Date
Tender closing date
These references help suppliers understand the public-procurement framework around this opportunity. They are generated from the tender category, issuing organisation type and procurement context.
Annexure 2 - SBD 4.pdf
South African Airways (Pty) Limited is requesting quotations for the supply, implementation, and operation of the Zscaler App and platform as a managed security service. The tender requires bidders to complete a disclosure form to ensure transparency, accountability, and compliance with South African legislation.
Median Estimate
R 2 053 181
Range
Based on 9 comparable awarded tenders. Companies with similar profiles typically bid near the median.
* Estimates are based on historical data and do not guarantee actual award values.
Learn how to submit a winning bid with these related articles
Win consulting, legal, accounting, and engineering service contracts with government. Learn registration requirements and proposal strategies.
Win government insurance, banking, actuarial, and financial consulting contracts. FSCA licensing requirements and tender strategies.
Master the art of the consulting bid. How to structure your methodology, price your services competitively, and score maximum evaluation points.
A professional guide for law firms to join the provincial and municipal legal panels in Gauteng, covering compliance, specialization, and bidding.
💡 Want more tendering tips and strategies?
Explore Our BlogTenders in this industry often require registration with these bodies.
Recommended Certifications
Having these can improve your winning chances: IITPSA Membership, ISO 27001 (Information Security Management), ISO 20000 (IT Service Management), CISSP
AI Document Analysis Stages
We refine every tender document through these stages so you can brief your team and prepare your bid with confidence. Anything marked as "in progress" will be upgraded automatically — no action required from you.
Evaluation Criteria
Source: Annexure 2 - SBD 4.pdf (TENDER)Non Default Status
Bidder must not be listed in the Register for Tender Defaulters or the List of Restricted Suppliers.
No State Employment Conflict
Bidder or its directors/trustees/shareholders must not be employed by an organ of state unless fully disclosed.
No Collusion
Bid must be prepared independently without any form of anti-competitive behavior.
CSDRegistration
All active companies linked to directors must be disclosed if registered in the Central Supplier Database (CSD).
Technical Specifications
Source: Annexure 2 - SBD 4.pdf (TENDER)This document is the SBD 4 (Bidder's Disclosure) form, not technical specifications for the Zscaler solution.
The SBD 4 form covers:
No technical specifications for the Zscaler managed security service are contained in this document.
Compliance Requirements
Source: Annexure 2 - SBD 4.pdf (TENDER)SBD 4 Disclosure Requirements:
Requirements
Source: Annexure 2 - SBD 4.pdf (TENDER)SBD 4 Declaration Requirements:
Section
Source: Annexure 2 - SBD 4.pdfNo evaluation criteria found in this document. This appears to be only the SBD 4 annexure.
These rules commonly apply to South African public-sector procurement.
Act 53 of 2003
Provides the empowerment-compliance context often used in public-sector supplier evaluation.
Relevant because this is a South African public-sector procurement opportunity.
Act 108 of 1996 (s217)
Sets the constitutional standard for fair, equitable, transparent, competitive and cost-effective public procurement.
Relevant because this is a South African public-sector procurement opportunity.
Act 5 of 2000
Covers preferential procurement and preference-point systems used in public tenders.
Relevant because this is a South African public-sector procurement opportunity.
Act 12 of 2004
Supports anti-corruption controls and supplier integrity in procurement processes.
Relevant because this is a South African public-sector procurement opportunity.
Act 28 of 2024
Provides the national framework for public procurement across government.
Relevant because this is a South African public-sector procurement opportunity.
Act 2 of 2000
Supports access to tender records, award decisions and public-sector procurement information.
Relevant because this is a South African public-sector procurement opportunity.
Act 3 of 2000
Supports lawful, reasonable and procedurally fair administrative tender decisions.
Relevant because this is a South African public-sector procurement opportunity.
This is general procurement context, not legal advice. Always verify requirements in the official tender documents and issuing authority notices.
RFQGSM~1.PDF
South African Airways (SAA) requests quotations for the supply, implementation, and operation of Zscaler App and platform as a managed security service. The scope includes Zscaler Internet Access (ZIA), Zscaler Digital Experience (ZDX), and ZPA for private application access, covering approximately 2,500 users with a 10% growth buffer. The successful bidder will assume operational responsibility including policy management, monitoring, reporting, and ongoing support under a managed service model.
Annexure 1 - Vendor application Local.pdf
Request for Quotation from South African Airways for the supply, implementation, and operation of Zscaler App and platform as a managed security service. This is a vendor registration and application process requiring completion of AP Form - 07 with comprehensive company, banking, tax, and B-BBEE documentation. The tender closes on July 10, 2026 at 16:00 GMT.
ANNEXU~2.PDF
South African Airways (SAA) is requesting quotations for the supply, implementation, and operation of the Zscaler App and platform as a managed security service. The tender is governed by SAA’s General Conditions of Contract (GCC), which outline legal, technical, and procedural obligations for bidders. The contract includes provisions for performance security, warranties, penalties, dispute resolution, and compliance with South African laws. The closing date for submissions is July 10, 2026, at 16:00 UTC.
To download these documents and access AI-powered analysis, visit the main tender page.
Organization
South African Airways (Pty) LimitedContact Person
Rubina Data
Phone
011-978-9262
[email protected]
Address
32 Jones Road, Airways Park, Johannesburg (Head Office) - Kempton Park - Isando - 1627
Source confidence
High source confidence
Official source
eTenders.gov.za
Documents found
4
Last checked
02 Jul 2026
AI status
Enhanced
This tender has strong source evidence, including source metadata and supporting tender information synced from the government tender portal.
Tenders SA is not the issuing authority. All tenders are automatically synced from the official government tender portal. Always confirm final submission details, closing dates, briefing sessions, eligibility requirements, and documents on the official government portal before applying.
South African Airways is South Africa's national airline, offering domestic and international passenger and cargo services.
Key Personnel
Description
Source: RFQGSM~1.PDFScope: Supply, licensing, implementation, configuration, optimization, and full operational management of the Zscaler App platform as a managed security service for South African Airways (SAA). Minimum solution components: Zscaler Internet Access (ZIA) and Zscaler Digital Experience (ZDX). Licensing must cover ~2,500 users with a 10% growth buffer. SAA ICT retains ownership; service provider assumes operational responsibility under a structured managed service model. Deliverables include secure internet/SaaS access, continuous threat protection, centralized visibility, and measurable security maturity improvement. Platform must support on-premises and remote users, replacing perimeter-based security with a local client proxy. Scalability required without reimplementation; growth beyond buffer addressed via formal true-up at renewal.
Important Dates
Source: RFQGSM~1.PDF (RFQ)Closing date: 10 July 2026 at 16:00. RFQ validity period: 180 days from issue date (02 July 2026).
Contact Information
Source: RFQGSM~1.PDF (RFQ)Submission email: [email protected]. Department: Global Supply Management, South African Airways (Pty) Limited.
Submission Guidelines
Source: RFQGSM~1.PDF (RFQ)Submit all required documents via email to [email protected]. Maximum email attachment size is 2MB. If files exceed this, send in parts or provide a downloadable link (SAA is not responsible for corrupt links). Quotations must be submitted before 10 July 2026 at 16:00. Late or incomplete submissions will be disqualified. Required returnable documents: SAA Vendor application (Annexure 1), SBD 4 (Annexure 2), General Conditions of Contract (Annexure 3), managed service offering/operating model, incident escalation and response process, support team organogram, and SLA matrix (including incident response times, support hours, and escalation timelines). Failure to submit all required documents will result in disqualification.
Returnable Documents
Source: RFQGSM~1.PDF (RFQ)Required documents: SAA Vendor application (Annexure 1), SBD 4 (Annexure 2), General Conditions of Contract (Annexure 3), managed service offering/operating model, incident escalation and response process, support team organogram, SLA matrix (including incident response times, support hours, escalation timelines). Submit via email to [email protected] (max 2MB per email; use parts or links if larger). Late or incomplete submissions are disqualified.
Evaluation Criteria
Source: RFQGSM~1.PDF (RFQ)Mandatory requirements (100% compliance required): South African registration or authorized Zscaler partner status; minimum 5 years enterprise security experience with PO/contract evidence; managed service capability with 24x7 support including incident escalation process, support team organogram, and SLA matrix. Technical functionality threshold: 75%. Specific Goals allocation: B-BBEE Level 1-2 (10 points), 30%+ black women owned (10 points). Non-compliant or Level 3-8 B-BBEE contributors receive 0 points for that category.
Technical Specifications
Source: RFQGSM~1.PDF (RFQ)Scope: Supply, licensing, implementation, configuration, optimization, and full operational management of the Zscaler App platform as a managed security service for SAA. Minimum solution components: Zscaler Internet Access (ZIA) and Zscaler Digital Experience (ZDX). Licensing must cover ~2,500 SAA users with a 10% growth buffer (no immediate commercial renegotiation for increases within buffer). SAA ICT retains ownership; service provider assumes operational responsibility. Key deliverables: Secure internet/SaaS access via cloud-based inspection, continuous threat protection (phishing, malware, ransomware), centralized visibility (user activity, policy enforcement, threat analytics), and measurable security maturity improvement. Platform must support on-premises and remote users, replacing perimeter-based security with a local client proxy. Scalability required without platform reimplementation; growth beyond buffer addressed via formal true-up at renewal.
Experience & Qualifications
Source: RFQGSM~1.PDFBidder must be a South African registered entity or authorized local Zscaler partner. Minimum 5 years' experience in enterprise secure access, ZTNA, secure web gateway, cloud firewall, or cloud-delivered security (POs/contracts required). Key personnel: Technical Lead/Architect (5+ years cybersecurity, 3+ years Zscaler), Secure Access/Network Security Specialist (3-5 years ZIA/ZPA), Identity & Access Specialist (Azure AD/Entra ID integration). Relevant certifications: ZCCA, ZCCP, CISSP, CISM, CEH, Security+, ITIL v4. CVs required (5+ CVs = 20 points, 4 CVs = 15, 3 CVs = 10, 1 CV = 5, none = 0).
Quality Management
Source: RFQGSM~1.PDFPlatform must secure internet and SaaS access via cloud-based inspection and policy enforcement. Must provide continuous protection against phishing, malware, ransomware, and advanced threats. Centralized visibility required for: user activity, threat analytics, policy enforcement logs, and application access monitoring. Evidence must include native Zscaler dashboards/reports (screenshots acceptable). Scoring: 5+ enterprise customers (10 points), 2-4 customers (5 points), limited/no dashboards (0 points).
Pricing Schedule
Source: RFQGSM~1.PDFPricing must be exclusive of VAT and firm (fixed, subject only to statutory VAT changes). Structure pricing per individual component based on technical/functional requirements. Licensing model must include: baseline assets + 10% growth buffer, no penalties within buffer, formal true-up at renewal, transparent pricing, and predictable renewal terms. Scoring: Clear model (15 points), minor constraints (10 points), limited scalability/unclear terms (0 points).
Financial Requirements
Source: RFQGSM~1.PDF (RFQ)Pricing must be exclusive of VAT and firm (fixed, subject only to statutory VAT changes). Prices should be structured per individual component based on technical/functional requirements. Payment terms and conditions subject to SAA General Conditions of Contract. Licensing model must include: baseline assets + 10% growth buffer, no penalties within buffer, formal true-up at renewal, transparent pricing, and predictable renewal terms. Commercial constraints or unclear terms may reduce scoring.
Compliance Requirements
Source: RFQGSM~1.PDF (RFQ)Mandatory compliance: Valid Original Tax Clearance Certificate (submit if SAA does not have a current one). Bidder must be a South African registered entity or authorized local Zscaler partner. Proof of 5+ years' experience in enterprise secure access/ZTNA/cloud security (POs/contracts required). Capability to provide ongoing Zscaler support, monitoring, and service management. Key personnel requirements: Technical Lead/Architect (5+ years cybersecurity, 3+ years Zscaler), Secure Access/Network Security Specialist (3-5 years ZIA/ZPA), Identity & Access Specialist (Azure AD/Entra ID integration). Relevant certifications (e.g., ZCCA, ZCCP, CISSP, CISM, CEH, Security+, ITIL v4) advantageous. B-BBEE: Level 1-2 (10 points) or 30%+ Black Women Owned (10 points). Acceptable evidence: B-BBEE Certificate, Sworn Affidavit, or CIPC Certificate (consolidated scorecard for JVs). EME/QSE: 51% Black Owned (B-BBEE Certificate/Sworn Affidavit/CIPC Certificate).
B-BBEE Requirements
Source: RFQGSM~1.PDF (RFQ)Specific Goals (20 points total): B-BBEE Level 1-2 contributors (10 points), 30%+ Black Women Owned (10 points). Non-compliant or B-BBEE Level 3-8 contributors receive 0 points. Acceptable evidence: B-BBEE Certificate, Sworn Affidavit, or CIPC Certificate (consolidated scorecard for JVs). EME/QSE: 51% Black Owned (B-BBEE Certificate/Sworn Affidavit/CIPC Certificate).
Requirements
Source: RFQGSM~1.PDF (RFQ)Mandatory returnable documents: SAA Vendor application (Annexure 1), SBD 4 (Annexure 2), General Conditions of Contract (Annexure 3), managed service offering/operating model, incident escalation/response process, support team organogram, and SLA matrix (response times, support hours, escalation timelines). 100% compliance required; failure to submit all documents results in disqualification. Bidder must confirm compliance with statements (Yes/No + proof); 'No' responses lead to disqualification.
Section
Source: RFQGSM~1.PDFEvaluation methodology: 5-stage process (Administrative, Substantive, Technical Functionality, Price/Resource Rate, Specific Goals). Administrative: Compliance with returnable documents and signatures. Substantive: Mandatory requirements (100% compliance). Technical Functionality (100% total, 75% minimum threshold): Implementation Lead Time (10%), Vendor Authorization (30%), Platform Coverage (15%), Operational Dashboards (10%), Licensing Flexibility (15%), Key Personnel CVs (20%). Price/Resource Rate: 80 points. Specific Goals: B-BBEE Level 1-2 (10 points), 30%+ Black Women Owned (10 points). SAA may evaluate stages in parallel and is not obligated to award the contract or accept the lowest bid.
Contact Information
Source: Annexure 1 - Vendor application Local.pdf (unknown)Submission email: [email protected]. For vendor-related queries, contact the Vendor Master team via the same email. No phone or physical address provided in the document.
Submission Guidelines
Source: Annexure 1 - Vendor application Local.pdf (unknown)Submit the completed Vendor Application Form and all supporting documents via email to: [email protected]. Required returnable documents: if you are a contracted supplier, attach a copy of your contract; if not, attach a GSM Approval Schedule. Ensure all documents are valid and up-to-date.
Returnable Documents
Source: Annexure 1 - Vendor application Local.pdf (unknown)Required returnable documents: Certified shareholders’ certificates. Additional documents: cancelled cheque or stamped bank confirmation letter (not older than one year), latest valid B-BBEE certificate, latest valid tax clearance certificate, CSD Registration Report, certified company registration documents, certified copies of shareholders' identity documents.
Evaluation Criteria
Source: Annexure 1 - Vendor application Local.pdf (unknown)Vendors must be registered on the Central Supplier Database (CSD), possess a valid Tax Clearance Certificate, have a current B-BBEE Certificate or affidavit, provide proof of bank account validity, and be legally authorized to operate in South Africa. Companies must disclose B-BBEE status level, black ownership percentages, annual turnover, and enterprise development participation. Exempted Micro Enterprises (EME) and Qualifying Small Enterprises (QSE) have simplified requirements.
Experience & Qualifications
Source: Annexure 1 - Vendor application Local.pdf (unknown)Bidder must disclose: Duration of enterprise operation (in months/years). Annual turnover for the previous financial year.
Financial Requirements
Source: Annexure 1 - Vendor application Local.pdf (unknown)Payment terms: 15 days from invoice date. GSM Approval Schedule must be attached if not a contracted supplier. Bank details (name, branch, account number) and tax information (VAT registration, tax clearance certificate) are required for processing.
Compliance Requirements
Source: Annexure 1 - Vendor application Local.pdf (unknown)Mandatory compliance documents: Certified company registration documents, certified copies of shareholders' identity documents, certified shareholders’ certificates, cancelled cheque or stamped bank confirmation letter (not older than one year), latest valid B-BBEE certificate or affidavit, latest valid tax clearance certificate or SARS pin on official SARS documentation, CSD Registration Report. B-BBEE details required: certificate number, verification and expiry dates, applicable scorecard (EME, QSE, or General/Large), B-BBEE status level, enterprise development and value-adding status, percentage of black ownership, black women ownership, and black people with disabilities.
B-BBEE Requirements
Source: Annexure 1 - Vendor application Local.pdf (unknown)B-BBEE requirements: Provide certificate number, verification and expiry dates. Specify applicable scorecard (EME, QSE, or General/Large). Disclose B-BBEE status level, enterprise development participation (Yes/No), value-adding status (Yes/No), percentage of black ownership, black women ownership, and black people with disabilities. State how long the enterprise has been in operation (months/years) and the company’s annual turnover for the previous financial year.
Special Conditions
Source: Annexure 1 - Vendor application Local.pdf (unknown)Special conditions: If the bidder is a contracted supplier, attach a copy of the contract. If not, attach a GSM Approval Schedule. Negotiated contracted B-BBEE status must be disclosed (QSE or EME). Payment terms are 15 days from invoice date, and the GSM Approval Schedule must be submitted if applicable.
Section
Source: Annexure 1 - Vendor application Local.pdf (unknown)Contact details to be provided by the bidder: phone, email, fax, city, province, postal code, and contact person’s phone and cellular numbers. Submission email: [email protected].
Description
Source: ANNEXU~2.PDFThis document is the SAA General Conditions of Contract. Its purpose is to draw special attention to general conditions applicable to government bids, contracts, and orders, and to ensure familiarity with rights and obligations of all parties doing business with government. The GCC forms part of all bid documents and may not be amended. Special Conditions of Contract supplement the GCC and prevail where conflicts exist.
Important Dates
Source: ANNEXU~2.PDF (TENDER)No specific important dates are stated in this document beyond the closing date already recorded in the tender listing. The General Conditions of Contract define 'Closing time' as the date and hour specified in the bidding documents for receipt of bids.
Contact Information
Source: ANNEXU~2.PDF (TENDER)No specific contact details, SCM officials, or technical contacts are provided in this document. Bidders should consult the main tender documentation for relevant contact persons.
Submission Guidelines
Source: ANNEXU~2.PDF (TENDER)The document does not contain specific submission instructions, required returnable documents, or submission address for this tender. Bidders should refer to the main tender documentation for submission requirements. The General Conditions of Contract state that bid invitations are published in the Government Tender Bulletin and may be accessed electronically from www.treasury.gov.za.
Evaluation Criteria
Source: ANNEXU~2.PDF (TENDER)Mandatory
Preferred
Technical Specifications
Source: ANNEXU~2.PDF (TENDER)The document does not contain technical specifications for the Zscaler App and platform. It provides only the General Conditions of Contract framework. The GCC states that goods supplied must conform to standards mentioned in the bidding documents and specifications. The document covers inspection and testing provisions: pre-bidding testing costs are borne by the bidder; supplier premises must be open for inspection during production or execution; non-compliant supplies may be rejected; rejected supplies must be removed and replaced by the supplier at their cost.
Quality Management
Source: ANNEXU~2.PDFInspection and testing provisions: pre-bidding testing costs borne by bidder. Supplier premises must be open for inspection at all reasonable hours during production, execution, or on completion. If supplies comply with contract requirements, inspection costs paid by purchaser. If supplies do not comply, costs paid by supplier. Non-compliant supplies may be rejected. Rejected supplies held at supplier's cost and risk; supplier must remove and replace immediately. If supplier fails to replace, purchaser may procure substitute goods and recover costs from supplier. Goods must conform to standards mentioned in bidding documents and specifications. Supplier must keep records open for audit by purchaser's appointed auditors.
Pricing Schedule
Source: ANNEXU~2.PDF (TENDER)Pricing: prices charged must not vary from quoted bid prices except as authorized in SCC or through bid validity extension requests. Payment: method and conditions specified in SCC. Supplier must submit invoice with delivery note. Payment within 30 days of invoice submission. Payment in Rand unless otherwise stipulated. Incidental services: prices must be agreed in advance and not exceed prevailing rates. Spare parts: supplier must provide spare parts as elected by purchaser; must notify purchaser in advance of spare parts production termination; must provide blueprints and specifications at no cost upon termination.
Financial Requirements
Source: ANNEXU~2.PDF (TENDER)Payment terms: purchaser must pay within 30 days of invoice submission. Payment will be made in Rand unless otherwise stipulated in SCC. Prices must not vary from quoted prices except as authorized in SCC. Performance security: successful bidder must provide security within 30 days of contract award notification, in the form of a bank guarantee, irrevocable letter of credit, or certified cheque. Insurance: goods must be fully insured in a freely convertible currency against loss or damage during manufacture, acquisition, transportation, storage, and delivery.
Compliance Requirements
Source: ANNEXU~2.PDF (TENDER)Tax compliance: no contract may be concluded with a bidder whose tax matters are not in order. An original tax clearance certificate from SARS must be submitted prior to award. Anti-corruption: corrupt or fraudulent practices are prohibited. Bidders or contractors found engaging in collusive bidding may be referred to the Competition Commission and could face bid invalidation, contract termination, restriction from public sector business for up to 10 years, or damages claims. National Industrial Participation Programme may apply to contracts subject to NIP obligations. Supplier must indemnify purchaser against third-party patent, trademark, or industrial design infringement claims.
B-BBEE Requirements
Source: ANNEXU~2.PDF (TENDER)National Industrial Participation Programme: administered by Department of Trade and Industry; applicable to contracts subject to NIP obligation.
Contractual Terms
Source: ANNEXU~2.PDFContract duration and amendments: no variation or modification of contract terms except by written amendment signed by all parties. Assignment: supplier may not assign obligations without purchaser's prior written consent. Subcontracts: supplier must notify purchaser in writing of all subcontracts; this does not relieve supplier of obligations. Delays: supplier must notify purchaser promptly of any conditions impeding delivery; purchaser may extend time with or without penalties. Penalties: for late delivery, purchaser may deduct penalties calculated at prime interest rate per day of delay. Termination for default: purchaser may terminate if supplier fails to deliver, fails to perform obligations, or engages in corrupt or fraudulent practices. Termination for insolvency: purchaser may terminate if supplier becomes bankrupt or insolvent. Force majeure: supplier not liable for non-performance due to events beyond control such as wars, fires, floods, epidemics, quarantine restrictions, or freight embargoes. Dispute resolution: parties must attempt mutual consultation; if unresolved after 30 days, either party may initiate mediation; if mediation fails, disputes settled in South African courts. Governing language: contract in English. Applicable law: South African law applies. Notices: served by registered or certified mail to address provided in bid.
Requirements
Source: ANNEXU~2.PDF (TENDER)Tax requirements: foreign suppliers responsible for all taxes, duties, and levies imposed outside South Africa. Local suppliers responsible for all taxes, duties, and license fees until delivery. Tax clearance certificate (original from SARS) required before contract award. Insurance: goods must be fully insured in freely convertible currency against loss or damage incidental to manufacture, acquisition, transportation, storage, and delivery. Performance security: amount specified in SCC; must be provided within 30 days of award notification; returned within 30 days of contract completion including warranty obligations.
Section
Source: ANNEXU~2.PDFPenalty provisions: if supplier fails to deliver within specified time, purchaser may deduct penalties at prime interest rate per day of delay and may terminate the contract.
Data conflicts
None detected
Get deep intelligence on Information service activities. Unlock full pricing strategies, bid frequency, and historical win rates.