Government supplier assurance framework
This framework helps the government to manage supplier risk.
Documents
Details
This supplier assurance framework applies to contracts at the ‘Official’ information security level. It should:
- enable the early identification of high risk projects
- provide a framework for the risk management of contracts that is consistent, light touch but effective, understood by both government stakeholders and suppliers and enable information sharing and accountability
- inform the assurance approach taken to high, medium and low-risk contracts
It can be adapted for use in the wider government community as it allows organisations to interpret and apply it according to their business needs. It is particularly relevant where information is shared through contracts or agreements.
Updates to this page
Published 1 November 2013Last updated 16 May 2018 + show all updates
-
Supplier assurance framework updated.
-
Updated framework documents in line with Security Policy Framework, ISO27001: 2013 standard and the Cyber Essentials scheme.
-
First published.