Last edited 08 Sep 2021

Cyber resilience


[edit] Introduction

The Single Procurement Document (Scotland) - also referred to as SPD (Scotland) contains questions used at the selection stage for post-Brexit procurement exercises in Scotland to identify suitably qualified and experienced bidders.

The Supplier Journey portion of the Scottish Government’s procurement guidance website offers an overview of the different types of procurement procedures that are available under SPD (Scotland). This includes an explanation of the cyber resilience of suppliers - as it relates to the Scottish public sector.

[edit] Concerns over security

As defined by the Supplier Journey Glossary, cyber resilience is the ability to prepare for, withstand, rapidly recover and learn from deliberate attacks or accidental events in the online world.

Cyber resilience measures can help organisations:

  • Prepare by protecting them from cyber risks.
  • Withstand an attack by defending against and limiting the severity attacks.
  • Recover and learn by ensuring that operations continue despite an attack.

The number of cyber attacks targeting suppliers to the public sector has grown. Attacks can (intentionally or otherwise) disrupt and damage both suppliers’ services and public services.

[edit] Ensuring security

Against this background, the Scottish public sector has taken measures to ensure its suppliers have appropriate cyber security in place.

The Scottish Government sees this as an opportunity to build relationships with suppliers that have invested in cyber security within their organisations.

The Scottish Government has offered resources to assist suppliers that have expressed an interest in adopting a more consistent approach to cyber resilience. These tools are included in a Guidance Note which has been developed to help public sector bodies embed cyber resilience into the supply chain process.

These resources include:

Completing the CSPST questionnaire can be a time consuming process; suppliers are advised to allocate a sufficient amount of time in advance of deadlines in order to participate in the procurement process.

There is additional guidance for public sector buyers and suppliers on how to use CSPST in procurement processes.

[edit] Related articles

[edit] External resources

Designing Buildings Anywhere

Get the Firefox add-on to access 20,000 definitions direct from any website

Find out more Accept cookies and
don't show me this again