Skip to main content

Government Departments: Procurement

Question for Cabinet Office

UIN HL17798, tabled on 25 September 2019

To ask Her Majesty's Government what steps they are taking to ensure that best practice in evaluating the cyber security of supply chains is being shared across government departments.

Answered on

8 October 2019

The government takes supply chain security seriously. The requirement to understand and manage cyber security issues arising from a department’s supply chain is detailed in Item 1 of the Minimum Cyber Security Standard.

The use of Cyber Essentials in government procurement is set out in Policy Procurement Notice 09/14. Use of Cyber Essentials demonstrates a supplier has taken necessary steps to obtain an appropriate level of cyber security.

Best practice is promoted through the advice contained in the National Cyber Security Centre and Centre for the Protection of National Infrastructure’s Supply Chain Security guidance.

Answered by

Cabinet Office