Software in Procurement

Software in Procurement considers the policy frameworks within which software solutions are procured in the Australian federal government. Relevant policies include but are not limited to:

- Protective Security Policy Framework

- Information Security Manual

- ASD’s Modern Defensible Architecture

- ASD’s Guidelines for Software Development

- ASD’s Guidelines for secure AI system Development

- ASD’s Secure by Design guideline

Other:

- Software Development Lifecycle

- AI Development Lifecycle

- NIST Secure Software Development Framework

- NIST Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework

- NIST Software Security in Supply Chains: Attesting to Conformity with Secure Software Development Practices

Software development and design have changed significantly since the era of modern software design began in the 1980s. Since the advent of the internet, development has become more complex: software is now rarely created from scratch and relies heavily on software supply chains.

Most developers use software code repositories (software libraries and modules). These repositories reduce time to market by providing a base to which developers add code (proprietary and/or third-party), but they may introduce additional risk that needs due consideration.

Secure by design is a framework that holds cybersecurity at the forefront of software development and includes, but is not limited to:

- Utilising memory-safe languages

- Considering updates and patches

- Supply chain monitoring

Software in procurement involves developing sound procurement documentation (including the draft contract) for an ICT solution. One of the most important aspects of procurement documentation is a considered and well-developed specification in the Statement of Requirement, with corresponding services in the draft contract. A properly prepared and drafted specification greatly influences the quality of vendor responses to the request documentation. For example, if a potential tenderer is unsure of the requirement, their pricing may reflect this.

ProConIQ Consulting has extensive experience working in the ICT industry, the legal industry, and the ICT procurement and contracting industry. If you require assistance in this regard, please reach out to us at ProConIQ@outlook.com.au.

Disclaimer:

ProConIQ Consulting does not guarantee or accept any information published on this website and accepts no legal liability for the currency, reliability, accuracy or soundness of this website or any linked website.

Links to other websites are provided to users of the ProConIQ Consulting website for convenience and do not in any way constitute endorsement of that website's material, product or service, nor is ProConIQ Consulting responsible for other websites' accuracy, availability or integrity. Users use these websites at their own

The opinions and information contained within www.proconiqconsulting.com are provided “as is” without any warranties or guarantees.

Users of the www.proconiqconsulting.com website should exercise their own judgement with respect to the material contained therein. Before any decision or action is undertaken by users viewing this material, users should seek their own professional advice.

ProConIQ Consulting accepts no liability for any damage to any user’s computer, software or data arising out of use of this website.