A contracting authority has discretion to determine what award criteria to apply but requirements must be proportionate and relevant and there must be clear methodology to evaluate responses.
Criteria should allow objective comparison of tenders, be published in advance in procurement documents and not discriminate against or favour potential contractors.
If evidence has been required to prove the legitimacy of a business then the on-going monitoring of that evidence needs to be robust and clearly defined. This should be addressed as part of contract and supplier management. The Annex includes examples of wording that may be used for this purpose.
Promoting good cyber resilience amongst suppliers can help reduce the impact of cyber-crime on both public sector organisations and suppliers themselves, and make Scotland's economy and society more cyber resilient.
If a contract will involve, support or rely upon the digital processing of information, organisations should ensure that appropriate consideration is given to potential cyber risks and their management.
Information on how to assess and manage cyber risks as part of the procurement process can be found in the Scottish public sector Guidance Note on Supplier Cyber Security. Buyers may also use the Cyber Security Procurement Support Tool (SCAS) to assess cyber risks and generate minimum cyber security requirements as part of award criteria. The SCAS tool and associated guidance includes links to helpful resources to support suppliers to improve their cyber resilience.
The buyer should be alert for abnormally low tenders, which could indicate deficiencies for example, in health and safety, breach of tax and social security obligations, or breaches of environmental, social or labour law etc. The contracting authority must require a bidder to explain any tender which, in its view, could be regarded as abnormally low.
Contracts must not be awarded where a tender price is abnormally low due to breaches of environmental, social or labour law, and contracts must also include relevant clauses to allow for termination in the case of breaches of environmental, social or labour law.
The Annex includes contract conditions that contracting authorities can adapt for use in their contracts.
Any contractor or sub-contractor performing security industry services under a Scottish Government contract is required to be registered with the ACS for the category of security service being provided/performed under the contract. There is a clause within the Annex that may be used for this purpose.