Welcome to the NC3 self-assessment tool: Fit4Contract.
This questionnaire aims to identify the general scope of the contractual relationship considered, in order to set up an acquisition, a lease, a development or any other service in the field of information and communication technologies. Based on this scope, Fit4Contract provides a list of basic information security requirements that are recommended to be considered in establishing the contractual relationship. This is a self assessment tool and as such cannot provide definitive guidelines. This tool is simply raising awareness for Information Security in ICT product and service contracts. Additionally, many countries have their own legal requirements for contracts and thus, we do not take any responsibilities concerning the answers and we clarify that the user of this survey needs to verify, and adapt their contracts accordingly, to comply with all national and international laws.