Procurement recommendations in the supply chain

Procurement recommendations

Content of procurement recommendations for high-impact and critical-impact entities according to

NCCS Article 35 Article 1

a) The description and classification of the types of ICT products, ICT services, and ICT processes used by high impact and critical impact entities within the high and critical perimeters.

b) A list of types of ICT products, ICT services, and ICT processes for which non-binding cybersecurity-related recommendations are developed, based on the respective regional cybersecurity risk assessment reports and the priorities of high-impact and critical-impact entities.