ISM-1857

IT equipment is chosen from vendors that have demonstrated a commitment to secure-by-design and secure-by-default principles, use of memory-safe programming languages where possible, secure programming practices, and maintaining the security of their products.

Topic
IT equipment selection
Applicable to
Non Classified, Official, Protected, Secret, Top Secret

History

Mar 2025
Removed
The existing control on the selection of IT equipment was rescinded due to duplication of an existing procurement control within the Guidelines for procurement and outsourcing.
Jun 2024
IT equipment is chosen from vendors that have demonstrated a commitment to secure-by-design and secure-by-default principles, use of memory-safe programming languages where possible, secure programming practices, and maintaining the security of their products.
References to ICT equipment were amended to IT equipment.
Jun 2023
ICT equipment is chosen from vendors that have demonstrated a commitment to secure-by-design and secure-by-default principles, use of memory-safe programming languages where possible, secure programming practices, and maintaining the security of their products.
A new control was added covering the selection of ICT equipment from vendors that have demonstrated a commitment to secure-by-design and secure-by-default principles, use of memory-safe programming languages where possible, secure programming practices, and maintaining the security of their products.