Top 5 tips to write the best RFP/tender brief for your next digital project

Top 5 tips to write the best RFP/tender brief for your next digital project

As part of my role, I come across dozens of tenders every year. I have seen some amazing briefs but also many others that were less than helpful! I want to share what I have seen working well and help us as an agency to deliver the best solutions.


Are you looking to hire an agency or source a digital service for your company? Do you need to write a brief for your procurement team or go out to the market to find an agency? Read through and get a free checklist template to download at the end of the article.

Delivering transactional services online is increasing the overall efficiency and providing a more consistent user experience for the general public. However, the process of writing a brief and finding the right digital partner to design and build it is always tricky.

When public sectors organisations have a need for digital projects (revamping a website, building a new self-service portal…), they open their brief to tender. We won’t get into the “Public Contracts Regulations” or OJEU requirements, but past that famously tricky and cumbersome process, there are a lot of good practices private companies can learn from the public sector procurement process.

As part of my role leading the Client Services Team in our agency, I come across tenders every week and submit dozens of them every year. I have seen some amazing briefs but also many others that were less than helpful! I want to share what I have seen working well and help us as an agency to deliver the best solutions.

One example that comes to mind is the procurement process we won to revamp the new SportEngland.org website at the beginning of 2019. The format of the tenders (from the UK Government Digital Marketplace), the information provided by the organisation and the process used for them to make a selection was very efficient. Less than a year on, we delivered an amazing new website on time and on budget.

Going back analysing what went so well during the tendering process, here are my top 5 tips you should follow to ensure the successful engagement of the right digital partner for your next project:

1. Format and shortlist process

How do you go about finding suitable companies? You could do some desk research, Google a few companies and shortlist what you like based on their website or awards nominations. However, the agency space is very competitive so you will most probably miss the right agency that has the best combination of skills and experience for your project. I’d usually recommend minimising input from large consultancy firms, as more niche providers could be better suited to deliver on your needs. You can also publish it on your website and accept open submissions.

To ensure a good balance of comparing all partners, the most efficient process I would recommend is:

  1. Early market engagement - at this stage, the most important is to get additional input and draw on agencies’ experience of delivering similar projects;
  2. Submit a “Request for Information” (RFI) to shortlist a dozen candidates that have the basic generic user experience, creative and security credentials requirements;
  3. Publish a “Request for Proposal” (RFP) for agencies to submit a full project plan and their approach to your specific brief. This should allow you to narrow it down to 2 or 3 agencies;
  4. Organise a final face-to-face (via Zoom or MS Teams these days!) pitch presentation with the shortlisted. Allowing for 1h to 1.5h, you will have a chance to meet the team you would work with and ensure good chemistry. It’s the time to ask more questions about the previous RFP submission and ensure you are 100% confident about the partnership you are getting into!  

2. Early market engagement

As soon as you have a business case ready, I recommend drafting your overall needs and objectives on a 2-page brief. The first page should describe your challenges around the brand, your positioning in the market and the technical limitations of your current systems, for example the Content Management System (CMS). The second page needs to picture your destination: what are you looking to replace/upgrade? What does success look like?

You should then share it and organise an open-day / group conference call allowing a pool of organisations to engage with you. It is somewhat awkward to be in a room with 20 competing suppliers, but I always found it very useful. The question you will get at this stage will highlight parts of your brief that might not have been considered, parts that you thought might not be relevant but will be required to deliver a successful project. It also helps with innovation, as you can discover where the industry is heading, revealing new tools or “new ways of doing things”. At all times, you need to be transparent about the process, the timeline and include a budget range.

At this stage, the feedback shared by the agencies will help you narrow down your brief around the following pillars:

  • The type of project methodology to follow, for example, Agile.
  • What to consider when building a new CMS or integrating CRM; looking at open source vs proprietary and if there are any leading tool in your sector;
  • The ongoing support options, long term warranty and support retainers (as most of the time it’s not a one-time project and the platform will require some support)
  • The suitable hosting options with cloud providers, and how compatible these might be with your internal IT team’s requirements;
  • Your go-to-market and social media strategy to launch the new product/service;
  • What the various commercial options are: can it be done as a fixed price or on a time & materials basis;
  • The risks around 3rd party integrations you might need;
  • If your budget range and timeline are suitable based on the list of deliverables required;

From there, you will be ready to draft much better requirements in your Request for Proposal.

3. Key information to publish in your brief

Once you have a better understanding of what is possible, you need to write the full brief that will be used for the RFI and RFP stages. The best briefs I have seen are usually between 5 and 15 pages long (it does not need to be hundreds of pages!) with the following information:

Overview section

  • Summary of the work: what website or portal are we dealing with
  • Start date and contract length
  • Ongoing support requirements
  • Budget range
  • The team responsible for leading the project
  • Any specific deadline or key milestones to achieve

Scope of work

  • Your brand positioning and current state: is it still representing who you are? Is it in the scope of this project to refresh it or completely overhaul it?
  • Describe what you know about your persona: who are we designing for? What are the typical user journeys and key conversions path (download, login, pay…)? Do you have ICP (Ideal Customers Profile) already drafted?
  • The status of the content: are all the product information up to date? Is the copywriting still conveying your message?
  • The platform’s requirements: do you need a CMS with publishing workflows or a portal with interactive features (login, payments, community tools…)? Expand on the search requirements, it’s always a tricky and underestimated one! Any integrations with 3rd party tools such as a back-office CRM or other MarTech platforms?
  • Accessibility: the default these days is to aim for WCAG 2.1 AA validation. It’s become mandatory for public sector organisations but best practices for the private sector;
  • Performance budget: more than just a nice looking website, you need a fast one. Define some performance KPI such as 90% in Lighthouse score or under 2s loading time;
  • Analytics & reporting: what are the KPI you need to track and report on. What tools are you going to use (Google Tag Manager, Adobe DTM?) and report on (Google Data Studio, Tableau?)
  • Hosting & DevOps requirements: any specific hosting criteria? Aim for automation on deployments and rollbacks where possible;
  • Security requirements: any policies or internal control you must follow from your IT team? More on this below.

Evaluation criteria

  • How will you judge the submissions? How are you going to score each response and the ratio each one takes?
  • Timeline for shortlisting, presentation and tentative award date.

4. User experience requirements

User experience (UX) is the process we use to design all aspects of the end-users' interaction with your company, your services, and your products. In the digital space, it focused on designing a website/portal that turns your business requirements into a pleasurable experience for your customers. You can build the best technical platform but without UX, the end result will probably not convert your users! You need to ensure the shortlisting process can demonstrate the agencies’ ability to apply an iterative human-centred design process and:

  • Understand your personas or groups of target audience. From the basic knowledge you might have, the agency should dig deeper and talk to real users to extract new insights;
  • Design the key user journeys, using the findings from the persona research to build on all of your customers’ expectations
  • Map the information architecture or sitemap, grouping all your content into sections that make sense. A clean and clear navigation will go a long way in helping your visitors find what they are looking for;
  • Deliver wireframes or low-fidelity prototypes of what the new digital solution will look like;
  • Analyse and optimise your content. Most of the challenges on web projects are more content-related than technological! Having clear copywriting that is easy to digest by your users is critical;

To enrich your brief, you can include all the features currently available in your members' area or portal, as well as the ones you are lacking. You can also gather feedback from all your teams (i.e. most popular queries from your call center, challenges of reconciliation of online payment from your finance department...) to help focus the agencies’ presentations on solving those challenges.

5. Security credentials and compliance

When it comes to digital, one of the highest risks lies with data confidentiality. The good news is that there are international (and some more UK specifics) standards you need to mandate. Working with SME, it usually narrows down the list of suitable suppliers, for good reasons!

Unlike an insurance policy that can be upgraded, those standards are not something an agency can comply with within a few weeks of being awarded your contract. Security process and compliance needs to be ingrained in the company values, with policies embraced by the whole staff and showcased on previous projects.

Here are my recommended minimum security requirements you next agency should comply with:

  • ISO 27001 covers the need to identify and invest in suitable organisational and technical systems to manage and protect the confidentiality, integrity and availability of the various types of information held. It includes requirements around:

              - Board-level commitment to security;
              - Team training to ensure that all staff and contractors are aware of their duties and responsibilities under the agency’s information security policy;
              - Risk-based approach and continual improvement;
              - Business continuity policies, incidents plans;
              - Encryption protocols;
              - And many more…!

  • Cyber-Essentials and Cyber-Essentials Plus: This is a UK-specific government-backed scheme that will help you to protect your organisation against a whole range of the most common cyber attacks. For Cyber Essentials Plus, a hands-on technical verification is carried out;
  • PCI DSS if you need to process payments;
  • Penetration testing on the solution to be built, to ensure a robust system. For a web application, the tests should be in line with the Open Web Application Security Project (OWASP) and performed by CREST-approved auditors;
  • Data Protection regulations. In the UK, companies must be registered with the ICO and follow GDPR standards. In the US, CCPA compliance in California or other healthcare-related standards such as HIPAA might apply in your sector;
  • Some government bodies will also require staff vetting / background checks depending on the type of information or systems access needed (such as BPSS, NNPV, SC…). This is part of our HR recruitment process so we can assign our team on those projects.

Nail your next brief with my checklist

Despite its complexity and red tape, the government tendering rules and best practices can actually bring a lot more benefits to your next agency selection process. As you engage in a multi-year partnership and are going to spend hundreds of thousands with that agency, it is your responsibility to ensure that everything is clearly explained, giving the right information for the potential providers to present themselves and fully demonstrate their ability to deliver on your brief.

I put together a checklist of the top 10 items to include in your next digital project brief. It's free to download, just register on the link below or get in touch so can connect and further discuss your requirements. From my side, looking at it from the agency perspective, I hope you can get inspired by the above. If we ever get to work together, this process will ensure we are aligned on the same goal and start a new partnership on the right foot!


Jump to: