Buyers and suppliers have called for more guidance on security and risk through the next iteration of the Government Digital Service’s G-Cloud.
More security guidance should be incorporated into next G-Cloud – Photo credit: PA Images
According to the GDS, suppliers said they would find it helpful to know about a buyer’s security requirements and how risk averse they are. In addition, they would like to know if there are any specific technical blocks earlier on in the process.
For buyers, queries are about how to understand and assess suppliers’ security assertions.
In a blogpost, the Digital Marketplace team said that although the G-Cloud 9 discovery had not yet started, it was starting to look at what issues it should cover.
The ninth iteration of G-Cloud is expected to have more significant changes as the GDS team looks at developing the end-to-end journey for users, but no major changes were made ahead of G-Cloud 8.
As part of its G-Cloud 9 discovery, the team will look at security issues.
“The discovery will tell us if, and how, the user need has changed and whether the services that government needs still fit into the four categories we have in the current G-Cloud iteration,” the blogpost said.
The post said that buyers and suppliers had made some recommendations to improve the Digital Marketplace, which include sharing experiences and allowing suppliers to provide more details on their security measures.
Buyers, meanwhile, called for tools to make their decisions easier – for instance using templates to help them evaluate and score suppliers.
The Digital Marketplace team added that it was being helped with this by the information security arm of GCHQ, the CESG.