Crown Commercial Service (CCS) frameworks are the lifeblood of public sector revenue for UK SMBs. But before you can price a call-off or write a method statement, you have to pass the Pre-Qualification Questionnaire (PQQ). Sometimes called a Selection Questionnaire (SQ) or Procurement Specific Questionnaire (PSQ), this document is the gatekeeper. Fail a mandatory question, and your bid is dead before the buyer even looks at your technical response.
For bid managers and SME owners, the PQQ is a high-stakes compliance exercise. It demands precise financial data, flawless policies, and rigorous proof of past performance. A single missed policy attachment or a misunderstood turnover threshold can waste weeks of bid writing effort.
This guide breaks down every section of a typical CCS PQQ. We will look at what buyers are actually asking, how to structure your answers, and the exact thresholds you need to meet. Whether you are bidding on G-Cloud 13, DOS6, or RM6263, mastering the PQQ is your first step to winning government work.
What this guide covers
- The structure of the standard CCS Selection Questionnaire (SQ).
- How to navigate mandatory and discretionary exclusions.
- Passing the economic and financial standing thresholds.
- Proving technical and professional ability with COTPAs.
- Handling modern slavery, cyber security, and social value requirements.
- A worked example of a technical ability response.
- Common mistakes that cause automatic failures.
Part 1: Supplier Information
The first section of any CCS PQQ is administrative. It asks for your basic company details, legal structure, and contact information. While it is not scored, accuracy here is critical. Discrepancies between your registered Companies House details and your PQQ response can trigger clarification questions or compliance failures.
You will need your company registration number, VAT number, and DUNS number. The Data Universal Numbering System (DUNS) number is a unique nine-digit identifier for businesses, widely used by the UK government to track corporate entities. If you do not have one, you must apply for it well in advance of the tender deadline, as processing can take several days.
If you are bidding as part of a consortium or using subcontractors to deliver a significant portion of the work, you must declare it here. CCS requires transparency about who is actually delivering the contract. If you rely on a subcontractor to meet technical or financial criteria, they will usually need to complete their own PQQ sections. This means you must coordinate with your supply chain early. Do not wait until the day before submission to ask a partner for their audited accounts or health and safety policy.
You must also detail your corporate structure, including immediate and ultimate parent companies. This is to ensure transparency regarding ownership and potential conflicts of interest. For UK SMBs, this is usually straightforward, but if you have recently been acquired or have a complex holding structure, ensure the information matches the public record.
Part 2: Mandatory Exclusions
This section is a straightforward pass/fail compliance check based on the Public Contracts Regulations 2015 (PCR 2015). CCS must exclude any supplier that has been convicted of specific offences within the last five years.
The questions cover participation in criminal organisations, corruption, fraud, terrorist financing, money laundering, and human trafficking. For the vast majority of SMBs, this section is a simple series of "No" answers. However, you must ensure that this applies to all directors and any person with powers of representation, decision, or control within your organisation.
If you answer "Yes" to any of these questions, you are almost certainly excluded from the procurement, unless you can provide compelling evidence of "self-cleaning". Self-cleaning means proving that you have taken concrete steps to rectify the situation, such as paying compensation, collaborating fully with investigating authorities, and completely overhauling your compliance systems. For most UK SMBs, a "Yes" here means a bid/no-bid decision should have been made much earlier in the process.
It is vital to understand that these questions apply not just to the bidding entity, but to any organisation you are relying on to meet the selection criteria, such as a parent company providing a financial guarantee or a key subcontractor providing technical expertise. If they fail a mandatory exclusion, your entire bid fails.
Part 3: Discretionary Exclusions
Unlike mandatory exclusions, discretionary exclusions give the contracting authority the right, but not the absolute obligation, to exclude you. These questions cover issues that occurred within the last three years.
Key areas include bankruptcy or insolvency, grave professional misconduct, distortion of competition, conflicts of interest, and significant prior contract failures. Tax compliance is also heavily scrutinised. You must declare if you are in breach of your obligations relating to the payment of taxes or social security contributions.
If you must answer "Yes" to a discretionary exclusion, you have an opportunity to explain. You must provide detailed evidence of the corrective actions you have taken. For example, if a previous public sector contract was terminated early due to poor performance, you must explain what went wrong and, crucially, the structural changes your business has made to ensure it never happens again. Buyers are risk-averse; they need absolute assurance that the issue is resolved.
Another increasingly common discretionary exclusion relates to the Russian and Belarusian supplier restrictions introduced via Procurement Policy Note (PPN) 01/22. You must confirm whether your organisation, or any member of your supply chain, is incorporated in or has significant operations in Russia or Belarus. A "Yes" here will almost certainly lead to exclusion under current government policy.
Part 4: Economic and Financial Standing
This is where many SMBs stumble. CCS needs to know that your business is financially robust enough to deliver the contract without going bust mid-term. This section is evaluated on a pass/fail basis against predefined minimum thresholds.
The most common metric is the minimum turnover requirement. PCR 2015 states that buyers should not demand a turnover greater than twice the estimated contract value, except in highly justified circumstances. For framework agreements like IT Services or Professional Services, the threshold is usually tied to the specific lot you are bidding for. For example, if you are bidding for a lot with an anticipated call-off value of £500,000, the buyer may set a minimum annual turnover threshold of £1 million.
You will be asked to provide your annual turnover for the last two or three financial years. If your business is newly established and does not have three years of accounts, you are not automatically excluded. You can usually provide alternative evidence of financial standing, such as a bank letter, a statement of cash flow, or a parent company guarantee. The key is to communicate proactively with the buyer during the clarification period if you are unsure what alternative evidence they will accept.
You must also confirm your insurance cover. Standard requirements for CCS frameworks typically include Employer’s Liability (statutory minimum of £5 million), Public Liability (often £1 million to £5 million), and Professional Indemnity (usually £1 million to £5 million). If you do not currently hold the required levels, you can usually pass by stating "Yes" to committing to obtain the required cover if you are awarded a place on the framework. Do not buy expensive insurance policies just to submit a PQQ; wait until you have won the contract.
Financial ratios are another common assessment tool. Buyers may calculate your current ratio (current assets divided by current liabilities) to assess short-term liquidity. A ratio below 1.0 may trigger further scrutiny, requiring you to provide management accounts or a letter from your accountant explaining your cash flow position.
Part 5: Technical and Professional Ability
This section proves you can actually do the job. It is the most rigorous part of the PQQ and is often scored rather than just pass/fail. CCS wants evidence of relevant past performance.
For many CCS frameworks, this involves submitting a Certificate of Technical and Professional Ability (COTPA). A COTPA is a structured reference. You typically need to provide two COTPAs per lot, detailing contracts delivered within the last three years. These contracts must be similar in scope and scale to the framework requirements.
Crucially, a COTPA must be signed off by your customer. You cannot just write a glowing case study; the buyer from that previous contract must verify your claims. This requires strong client relationships and proactive bid management. You must secure these signatures well before the PQQ deadline. The customer contact must not have been employed by your organisation in the past three years, ensuring independence.
When describing your past contracts, focus on outcomes and metrics. Do not just say you delivered an IT system; state that you deployed a cloud infrastructure that reduced server downtime by 40% for a government department of 2,000 users. Use the exact terminology found in the framework specification. If the framework asks for "agile delivery," ensure your case studies explicitly mention sprints, scrums, and user research.
You may also be asked to provide details of your quality management systems, such as ISO 9001 certification. If you do not hold the formal certification, you must usually provide a detailed description of your internal quality assurance processes, demonstrating that they meet equivalent standards. The same applies to environmental management (ISO 14001) and health and safety (ISO 45001 or CHAS).
Part 6: Compliance Policies and Additional Modules
Depending on the framework, the PQQ will include additional modules covering specific policy areas. These are increasingly critical for central government contracts and reflect broader policy goals beyond simple procurement.
Cyber Essentials: For any contract involving the handling of public sector data or delivering IT systems, Cyber Essentials certification is mandatory under PPN 014. For higher-risk frameworks, Cyber Essentials Plus is required. You must either hold the certificate at the time of bidding or commit to obtaining it before the contract start date. This is a hard pass/fail criteria; there is no flexibility here.
Modern Slavery: If your turnover exceeds £36 million, you must comply with the Modern Slavery Act 2015 and provide a link to your annual statement. However, CCS often asks all suppliers, regardless of size, to confirm their approach to mitigating modern slavery risks in their supply chains. You should have a clear policy detailing how you assess suppliers and ensure fair labour practices.
Equality and Diversity: You must confirm you comply with the Equality Act 2010. This usually involves uploading your Equal Opportunities policy and confirming that no findings of unlawful discrimination have been made against you by an Employment Tribunal or court. Your policy must be up-to-date and actively implemented, not just a document sitting on a shared drive.
Carbon Reduction: For contracts over £5 million, PPN 06/21 requires a Carbon Reduction Plan (CRP) confirming your commitment to achieving Net Zero by 2050. The CRP must detail your current emissions (Scope 1 and 2, and a subset of Scope 3) and outline the steps you are taking to reduce them. Even for smaller SMBs bidding on lower-value lots, having a basic environmental policy and baseline emissions data is highly recommended, as these requirements are cascading down the supply chain.
Health and Safety: You will be asked to confirm your compliance with health and safety legislation. This usually involves providing your Health and Safety policy (mandatory if you have five or more employees) and detailing any enforcement notices or prosecutions by the Health and Safety Executive (HSE) in the past three years.
Worked example
Here is an illustrative example of how to structure a contract description for a Technical and Professional Ability response (often forming the basis of a COTPA) for a cloud migration lot on a framework like RM6263.
Contract Title: Legacy Infrastructure Migration to Public Cloud Customer: Department for Work and Pensions (Illustrative) Contract Value: £450,000 Start/End Date: Jan 2024 – Nov 2024
Description of Services Provided: We acted as the prime contractor to migrate the client's legacy on-premise case management system to a secure AWS cloud environment. The scope included architecture design, data migration (2TB of sensitive citizen data), and the implementation of a new CI/CD pipeline. We provided a multidisciplinary team including a Delivery Manager, two Cloud Architects, and a Security Cleared (SC) Data Engineer.
Relevance to Framework Specification: This contract demonstrates our capability in 'Cloud Migration Services' (Lot 2). We utilised agile methodologies (Scrum) to deliver the project in two-week sprints, aligning with the Government Service Design Manual. We conducted comprehensive user research during the alpha phase to ensure the new architecture met the needs of the internal caseworkers.
Outcomes Achieved: The migration was completed two weeks ahead of schedule and 5% under budget. The new cloud infrastructure reduced system latency by 35% and achieved 99.99% uptime over the subsequent six months. We ensured full compliance with NCSC Cloud Security Principles throughout the data transfer phase, passing all penetration tests with zero critical vulnerabilities.
Common mistakes
- Failing to answer every part of a multi-part question. Many PQQ questions have sub-clauses. If you miss one, you fail. Break the question down and use sub-headings in your response to ensure you address every single point explicitly. Evaluators will not read between the lines; the evidence must be clearly stated.
- Using outdated policies. Uploading a Health and Safety policy from 2019 or an Equality policy that does not reference the Equality Act 2010 shows a lack of compliance. Review and date-stamp all your core policies annually. An undated policy is often treated as an invalid policy.
- Ignoring the word counts. PQQ text boxes often have strict character or word limits. If you write 600 words for a 500-word limit, the portal will truncate your answer, potentially cutting off your most vital evidence. Draft in a word processor first, check the character count (including spaces), and then paste it into the portal.
- Assuming 'N/A' is an acceptable answer. Unless the guidance explicitly states a question is optional for your specific business type, never write 'N/A'. If you think a question does not apply, explain exactly why it does not apply based on the procurement regulations. A blank box or an unexplained 'N/A' is usually scored as a fail.
- Leaving COTPA signatures to the last minute. Customers are busy. If you email them a COTPA form three days before the bid deadline, they might not sign it in time. Identify your reference contracts during the bid/no-bid phase and request signatures immediately. Have backup references ready just in case your primary contact is on annual leave.
- Mismatching financial data. If your stated turnover in Part 4 does not match your uploaded audited accounts, the evaluators will flag it. Ensure your finance director reviews the economic standing section before submission. Any discrepancies must be clearly explained in a supporting document.
- Providing generic case studies. A case study that says "we are great at IT" will score poorly. You must map the specific activities in your case study directly to the requirements listed in the framework specification. Use their language, not yours.
Frequently asked questions
What is the difference between a PQQ and an SQ?
They are effectively the same thing. The government officially rebranded the Pre-Qualification Questionnaire (PQQ) to the Selection Questionnaire (SQ) in 2016 to standardise the process via PPN 8/16. You will hear buyers and bid writers use the terms interchangeably, though SQ is technically the correct current terminology.
Do I need three years of accounts to pass?
No. While buyers ask for three years of turnover, the regulations state that newer businesses cannot be unfairly excluded. If you are a startup, you can provide alternative financial evidence, such as a bank reference, cash flow forecasts, or a statement of your current turnover since incorporation.
Can I use private sector contracts as references?
Yes. Unless the specific framework guidance explicitly forbids it (which is rare), private sector contracts are perfectly valid for demonstrating your technical and professional ability, provided the scope of work is highly relevant to the public sector requirement. The key is relevance, not the sector.
What happens if I fail a mandatory exclusion question?
You will be excluded from the procurement process immediately. The only exception is if you can provide robust evidence of 'self-cleaning'—proving you have paid relevant fines, cooperated with investigating authorities, and implemented new compliance measures to prevent recurrence.
Is Social Value scored at the PQQ stage?
Usually, no. The PQQ focuses on your backward-looking compliance and capability. Social value, which looks at what you will deliver in the future (such as creating local jobs or reducing carbon emissions), is almost always evaluated and scored during the Invitation to Tender (ITT) or award stage.
How long does a PQQ take to evaluate?
This varies significantly depending on the complexity of the framework and the number of applicants. For major CCS frameworks, the evaluation of the selection stage can take anywhere from four to eight weeks. You will be notified of the outcome via the eSourcing portal.
