Download: GOVSEC 5 Guidance (PDF, 1003.9 KB)
Date of first approval: 20 April 2020
Date of review: 30 November 2022
Next review date: December 2024
Purpose
Security risks can arise through the procurement of goods and services and effective risk management is required to reduce the likelihood and consequence of security issues or incidents.
This policy supports the South Australian Government’s procurement requirements [1] which detail how agencies procure goods and services. The requirements of this policy seek to ensure security risk is a considered element in all procurement processes.
[1] The South Australian Procurement Framework consists of Treasurer's Instruction 18, the Procurement Governance Policy, and supporting policies that set the minimum requirements for each key procurement activity (planning, sourcing and contract management).The Framework is designed to empower public authorities to engage with industry, clients and communities to innovate and take balanced risks to pursue better outcomes.
Core Requirement
Manage any security risks that arise from the procurement of goods and services
Supporting Requirements
To ensure any security risks that arise from the procurement of goods and services are managed, agencies [2] must:
- identify and mitigate security risks to the agency’s people, information and assets generated by the procurement
- ensure relevant security terms and conditions are included in contracts and service agreements that mange identified security risks to the procurement
- manage and monitor:
a. security risks for changes or incidents that could affect the procurement, service agreement or security of the agency
b. the performance of the contractor (including subcontractors) over the lifetime of the contract
- implement appropriate security arrangements to manage the completion or termination of a contract or agreement
[2] This policy applies to all South Australian public sector agencies (as defined in section 3(1) of the Public Sector Act 2009) and to any other person or organisation that is generally subject to the direction of a Minister of the Crown; all of which are referred to in this policy as “Agencies”.