In our contracts we will advise you what information security requirements apply.
Information sensitivity
  • Our standard conditions of purchase will reflect “Information Security Requirements Level 1”.
  • As the sensitivity or the nature of the  information you receive increases additional controls may be required and as a minimum if you receive BAE SYSTEMS SENSITIVE information, then “Information Security Requirements Level 2” will apply and for BAE SYSTEMS HIGHLY SENSITIVE information, then “Information Security Requirements Level 3” will apply.
 

Note: Where you provide specialist systems/services you may be required to comply with additional controls.

Level 1 - Standard

Level 1. Version 1.0 Valid from 09/08/2018

Level 2 - Sensitive

Level2. Version 1.0 Valid from 09/08/2018

Level 3 - Highly sensitive

Level 3. Version 1.0 Valid from 09/08/2018

Previous information security requirements documents