Strategy

This guide will share best practices for embedding cyber security into your council's commercial strategy. It will explore which assets need to be protected and how to understand the options best suited to your council.

The job of a commercial team is becoming increasingly complex. In addition to delivering high-quality services and value for money for their organisation, they need to think about broader strategic aims, including sustainability, supporting local economic growth, and responding to global crises. Embedding cyber resilience into a local council’s supply chain is one of those important strategic priorities. And therefore, it requires careful thought, consideration and strategy at each stage of the procurement life cycle. You will find more for information about the activities specifically related to the strategy phase under In this section.

Cyber security and the procurement life cycle - strategy

This guidance is based on National Cyber Security Centre principles and is not formal guidance and should not be applied as such. It should be used to have conversations about how the issues raised can be dealt with locally. It does not constitute legal advice and should not be relied upon in that capacity. Independent legal advice should always be sought.

Strategy

How to identify the assets within your council that need to be protected

How to create cyber risk profiles for different procurement types

How to conduct a stocktake of current contracts, frameworks and suppliers

How to explore your cyber security people, skills and governance approach

Strategy

Highlighted pages

Planning

Tender

Contract

Management

Resources hub