Information on security requirements
Security is a high priority for the Federal Department of Defence, Civil Protection and Sport (DDPS). The demands placed on its contractors are high, which is why the DDPS works in accordance with international information security standards.
The Federal Act of 25 September 2020 on Data Protection (Data Protection Act, FADP) and the Federal Act of 18 December 2020 on Information Security in the Confederation (Information Security Act, ISA) lay down binding rules on how information worthy of protection is to be handled. The following information is intended to ensure the legally compliant implementation of these requirements in the context of the contractual relationship with armasuisse.
- Do I process information under official secrecy (Art. 320 SCC), professional confidentiality (Art. 321 SCC) and/or manufacturing or trade secrecy (Art.162 SCC) or personal data (Art. 1 and Art. 2 FADP)?
- Have I received information with a classification note (INTERNAL, CONFIDENTIAL or SECRET) (Art. 5 let. b ISA)?
- Do I have access to federal IT resources (Art. 5 let. b ISA)?
- Do I have access to security or protection zones 2 or 3 of a military installation (Art. 2 and Art. 3 Military Installations Protection Ordinance)?
If you answer YES to one of these questions, the conditions set out in the «Agreement on the handling of information worthy of protection and cyber risks» apply and become part of the contract.
If you have any questions, please contact the responsible contract and project managers.