Closed call for evidence

A Code of Practice for Software Vendors: call for views

Summary

The government is seeking industry views on a draft code of practice for software vendors to improve the resilience and security of software.

This call for evidence ran from
to

Call for evidence description

The government is working to improve cyber resilience across the UK economy. This includes improving the resilience and security of software to strengthen digital supply chains.

Following the previous call for views on software resilience and security for businesses and organisations, the government has undertaken extensive stakeholder engagement to develop a package of policy interventions. The interventions in this package are designed to prevent common mistakes in software development and distribution, and to improve information sharing between software vendors and their customers. Addressing these issues will reduce the likelihood and impact of software supply chain attacks and other incidents that continue to affect organisations across all sectors of our economy.

The government is now publishing a draft Code of Practice for Software Vendors. This voluntary code of practice sets out the fundamental security and resilience measures that should be expected of all organisations which develop or sell software used by businesses and other organisations. The Code of Practice aims to strengthen the foundations of the many kinds of digital technologies that all sectors of our economy rely on. 

This call for views seeks feedback on the proposed design of the Code of Practice for Software Vendors including input on how it should be implemented.

The government is also holding a call for views on AI cyber security which is linked to this call for views on software. Please visit the AI cyber security page for further details.

You can read more about how this Code of Practice for Software Vendors aligns with the Code of Practice for AI Cyber Security on the cyber security codes of practice page.

Documents

Updates to this page

Published 2 August 2024

Sign up for emails or print this page