Supplier Cyber Protection Service

This service allows the Ministry of Defence (MOD) and industry partners to manage cyber risk across the defence supply chain.

About this service

You can use this service to:

  • create a Risk Assessment for a MOD contract, which is used to create a Cyber Risk Profile
  • respond to a Risk Assessment and demonstrate compliance by completing a Supplier Assurance Questionnaire (SAQ)
  • view the responses to your completed Risk Assessment(s)
  • gain an understanding of the cyber risk associated with subcontracts
  • comply with DEFCON 658 and DEFSTAN 05-138

Before you start

To register you will need to have details of your company’s DUNS number, which is a unique identifier for each organisation. Registration will also require access to a mobile phone.

Some Risk Assessments may result in a Moderate or High Cyber Risk Profile. If you are completing a SAQ in response to one of these you will need to provide identity documentation.

If you are unable use this online service please email our support team at

Sign in

For general information please see the Defence Cyber Protection Partnership (DCPP) homepage.

For guidance on this Cyber Security Model please see the DCPP buyer and supplier guide.

Published 2 October 2017