CSC adheres to both its own procurement guidelines and the Act on Public Procurement (1397/2016). Procurements are also governed by legal practice relating to the Act on Public Procurement. We also comply with other acts relating to the procurement in question and other legislative requirements applicable to the object of the procurement (such as the Act on the Openness of Government Activities and, on a case-by-case basis, also the General Data Protection Regulation and the Act on the Contractor's Obligations and Liability When Work is Tendered Out).

Even minor procurements that do not fall within the scope of the Act on Public Procurement are put out to tender following CSC's procurement guidelines. In strategically significant procurements, suppliers' subcontractors must also be approved in advance. CSC aims for fair treatment, long-term contracts and open cooperation. CSC organises centralised tendering processes, the results of which are used particularly by higher education institutions based on their position as in-house companies. CSC’s goal is to develop partnerships and thus guarantee good business conditions for all parties and the best possible service for customers. All suppliers are expected to comply with CSC’s operating principles.

CSC has entered into several framework agreements with goods and service providers subjected to a tendering process by Hansel Oy. Unless there is a particular reason not to, CSC always uses Hansel’s framework agreements, which also take environmental perspectives into account.  CSC's procurement guidelines instruct purchasers to consider environmental factors in accordance with the life cycle model: during the planning phase, during use, and at the end of the cycle.

CSC includes all information security requirements in its calls for tenders. Procurement contracts, and in particular those for IT services, software and hardware, contain a separate appendix on security. If necessary, the Chief Security Officer or their designated representative is involved in the planning and implementation of the procurement. If, as part of a procurement, personal data processing is outsourced to the service provider or the service provider acts as the controller when providing the service the procurement contract concerns, the requirements laid down in the Data Protection Act are complied with.

CSC is preparing a Code of Conduct for its suppliers. In the initial phase, we will prioritise those procurements in which the need for a Code of Conduct is the greatest. The Code will gradually be extended to cover all significant procurements made by CSC.

Back to top Go to Corporate Responsibility Report