Procurement Process Steps
1. Risk Assessment
The first step is to undertake an internal risk assessment taking into consideration:
- Your department/agency’s risk profile. For guidance refer to the Protective Security Policy Framework (PSPF)-Policy 15: Physical security for entity resources.
- The sensitivity level or classification of the data to be hosted. For guidance refer to the Protective Security Policy Framework (PSPF)-Policy 9: Sensitive and classified information and Policy 11: Robust ICT Systems.
2. Explore list of Certified Service Providers
Explore the list of Certified Service Providers to discover the services that best suit your needs.
Now you have undertaken an internal risk assessment, and reviewed the list of Certified Service Providers, you can procure services through BuyICT.
Contact email@example.com to ensure you have the latest contract and/or agreement clauses.