This guide will share best practices for embedding cyber security into your council's commercial strategy. It will explore which assets need to be protected and how to understand the options best suited to your council.

Decorative pink banner for cyber security strategy stage

The job of a commercial team is becoming increasingly complex. In addition to delivering high-quality services and value for money for their organisation, they need to think about broader strategic aims, including sustainability, supporting local economic growth, and responding to global crises. Embedding cyber resilience into a local council’s supply chain is one of those important strategic priorities. And therefore, it requires careful thought, consideration and strategy at each stage of the procurement life cycle. You will find more for information about the activities specifically related to the strategy phase under In this section.

Cyber security and the procurement life cycle - strategy

This guidance is based on National Cyber Security Centre principles and is not formal guidance and should not be applied as such. It should be used to have conversations about how the issues raised can be dealt with locally. It does not constitute legal advice and should not be relied upon in that capacity. Independent legal advice should always be sought.