G-Cloud 15 vs G-Cloud 14: What’s Changed and How to Prepare

G-Cloud 15 vs G-Cloud 14: What’s Changed and How to Prepare

A New Era for G-Cloud

G-Cloud 15 is the latest iteration of the UK government’s cloud procurement framework, set to replace G-Cloud 14. For tech SMEs supplying cloud services to the public sector, this change brings a more complex and robust process than before. The UK procurement landscape is evolving under new rules, meaning suppliers must adapt to new requirements and higher standards. G-Cloud 15 will be the first G-Cloud framework operating under the Procurement Act 2023, which came into force on 24 February 2025 and overhauled public procurement rules. The goal is to simplify processes, improve transparency and deliver more value – but in practice it introduces new obligations that suppliers need to plan for.

What’s different in G-Cloud 15 in comparison to G-Cloud 14?

• New evaluation criteria – Bids will be evaluated on price, quality and social value, not just basic compliance.

• Stricter compliance requirements – Suppliers may need to provide Carbon Reduction Plans and Modern Slavery statements as part of their application.

• Financial checks (FVRA Gold) – Certain lots will require a detailed Financial Viability Risk Assessment (Gold level) to prove your company’s stability.

• Cybersecurity standards – Cyber Essentials certification, while not mandatory, is strongly recommended to reassure buyers.

• Competition routes for call-offs – Buyers can now award contracts either directly or via mini-competition under G-Cloud 15, whereas G-Cloud 14 was primarily direct award.

• New Central Digital Platform – All suppliers must register on the new platform (the enhanced Find a Tender service) before bidding, replacing the old Digital Marketplace route.

Each of these changes means additional preparation for suppliers. Let’s explore what they mean for you and how to get ready.

New Procurement Rules and Social Value Focus

The Procurement Act 2023 introduced in February 2025 sets a new tone for public contracts. It emphasises transparency, broad competition, and delivering positive outcomes like social value and sustainability. Under G-Cloud 14 (which was governed by the older Public Contracts Regulations 2015), getting onto the framework was mainly a pass/fail process – if you met the basic criteria and agreed to terms, you were listed as a supplier. There was no weighted scoring of your bid because all compliant suppliers could join.

With G-Cloud 15, evaluation criteria have been expanded. For the first time on a G-Cloud framework, your submission will likely be assessed on price, quality, and social value contributions. In practice, this means you may need to answer qualitative questions or provide evidence relating to service quality and how your offering supports social value goals. Social value could include things like supporting UK jobs and skills, promoting diversity, contributing to environmental targets (e.g. net zero carbon), or aiding community development. Central government policy already requires that at least 10% of evaluation weighting in procurements is given to social value – G-Cloud 15 is expected to incorporate this policy formally.

What to do: Be prepared to articulate the broader benefits of your services. Think beyond just technical specs and price – consider how your cloud solution can deliver positive social or environmental impact for the public sector. You should have ready examples or statements about social value (for instance, energy efficiency of your cloud hosting, or apprenticeship schemes in your company) because these factors will play a part in evaluations. This is a shift from G-Cloud 14, where such narrative was less critical at the framework application stage.

New Compliance Requirements: Carbon Reduction and Modern Slavery

Suppliers will face tighter compliance checks under G-Cloud 15. Two notable documents expected in the application process are:

• Carbon Reduction Plan (CRP): If you are offering services in certain lots (particularly the major cloud infrastructure lots), you will likely need a Carbon Reduction Plan detailing your organisation’s current greenhouse gas emissions and the steps you’re taking to reduce them. This requirement aligns with the government’s commitment to net zero and stems from Procurement Policy Notices that mandate CRPs for larger contracts. G-Cloud 14 did not universally require a CRP at framework application – but going forward, if your cloud service could lead to substantial government spend (typically over £5m), a CRP may be mandatory. Even if you’re a smaller SME, it’s wise to have an environmental sustainability plan in place. It demonstrates that you align with government climate goals, which can only strengthen your position.

• Modern Slavery Statement: Public sector buyers are increasingly vigilant about ethical supply chains. G-Cloud 15 will request suppliers to provide a Modern Slavery Statement (if your company is of a size that requires one, or if you have one voluntarily). This statement outlines the steps your business takes to prevent modern slavery and human trafficking in your operations and supply chain. Under UK law, companies with over £36m turnover must publish such a statement annually – but even if you’re smaller, being able to show commitment in this area is important. G-Cloud 14 did not actively collect these statements as part of onboarding, but now it will be part of the due diligence.

What to do: Get your paperwork in order early. Ensure you have an up-to-date Carbon Reduction Plan (using the government’s template and guidance) and a Modern Slavery Statement ready if applicable. If you don’t strictly need one by law, consider drafting a brief version anyway to demonstrate compliance with ethical standards. These documents take time to prepare and often require director-level approval, so start now. Having them ready will prevent last-minute scrambles and show evaluators that you take compliance seriously.

Financial Viability: FVRA Gold Assessment

One of the more challenging new requirements in G-Cloud 15 is the financial stability check for suppliers in critical categories. Certain lots - notably the cloud hosting (Infrastructure-as-a-Service/Platform-as-a-Service) lot - will require what’s called a Financial Viability Risk Assessment (FVRA) at Gold level. This is essentially a deep dive into your financial accounts to ensure your business is financially sound enough to deliver potentially large or critical contracts.

Under G-Cloud 14, financial vetting was relatively light-touch for most suppliers (often just basic credit checks or review of accounts). Now, if you aim to offer core cloud infrastructure services (especially to central government or defence clients), you should be prepared to fill out a detailed financial questionnaire and provide extensive financial data. A Gold FVRA means you’ll input figures from your balance sheet and profit/loss statements, and the system will calculate various ratios (profitability, liquidity, debt etc.) to flag any risks. You will have the chance to explain any anomalies or provide context - this actually can help SMEs by allowing mitigating explanations if, say, one metric looks weak but overall the company is stable. However, it is a thorough process and can be time-consuming.

What to do: Review your latest financial accounts and be ready to supply detailed information. If your company’s finances have any weak spots (for example, a recent investment year with losses, or low liquidity due to growth phase), gather evidence and narrative to show the overall picture is sound - perhaps parent company support, insurance, or steady revenue growth to offset risks. You might also consider having your finance director or an accountant on standby to help complete the FVRA form accurately. While this step adds effort, it ultimately ensures that only financially resilient suppliers are trusted with big public sector workloads, which protects both buyers and suppliers in the long run.

Importantly, the number of suppliers on G-Cloud 15 won’t be capped, but these stricter criteria mean not everyone will pass. This is a contrast to G-Cloud 14 which had thousands of suppliers. Expect that the bar is higher now; meeting the financial tests is part of that. If you’re a very small business and worried about the Gold assessment, note that it may only apply to certain lots. If your offerings are more niche or lower-value (for example, a small SaaS product), the requirements might be proportionate (possibly a lighter “Silver” financial check). Check the lot specifications when they’re published to choose the right category for your scale.

Cybersecurity Standards: Emphasis on Cyber Essentials

Cybersecurity has always been important in government supply, but G-Cloud 15 puts a spotlight on formal credentials. While not explicitly mandatory for all suppliers, having a Cyber Essentials (CE) certification is now strongly encouraged. Cyber Essentials is the UK government-backed scheme that certifies an organisation has basic cyber security measures in place. Some public sector contracts require it as a condition, and its importance is growing as cyber threats rise.

Under G-Cloud 14, suppliers were asked about their security measures in service definitions, but there was no requirement to hold Cyber Essentials at framework entry. With G-Cloud 15, expect to be asked about your cyber certification status. If you have Cyber Essentials or Cyber Essentials Plus, it may give you an edge and reassure buyers. In some cases (particularly if you handle sensitive data or work with defence agencies under the new Lot 1b for Defence & Security cloud services), a Cyber Essentials certification or equivalent might effectively be required to do business.

What to do: If you haven’t already, invest in getting Cyber Essentials certified. The basic certification is relatively inexpensive and demonstrates that your company follows best practices (like secure configuration, access control, patch management, malware protection, and network security). It’s a good marketing point as well - you can proudly mention it in your service listing. If you already have Cyber Essentials, consider whether upgrading to Cyber Essentials Plus (which involves an external audit) is feasible; it’s not required but it further proves your commitment to security. At minimum, be ready to answer security questions in the tender and provide evidence of how you keep government data safe.

Framework Structure and Competition Routes

Beyond individual requirements, G-Cloud 15 is breaking new ground in how the framework itself is structured and operates:

• New Lot Structure: G-Cloud 15 will introduce a refined lot structure. Whereas G-Cloud 14 had three lots (Cloud Hosting, Cloud Software, Cloud Support), G-Cloud 15 is expected to split these further. For example, the new framework will likely have separate sub-lots for different types of SaaS (such as one specifically for IT management software, and another for general SaaS), and a distinct lot for cloud hosting aimed at defence and security sectors (Lot 1b). This means you should pay close attention to which lot you apply for - choose the one that best fits your product/service. A more precise lot structure can help buyers find the right specialist suppliers, but it also might change the competitive pool you’re in. If you offer a niche cloud service, you won’t be lumped in with all SaaS products, but judged among peers in a narrower category.

• Open Framework with Refresh Opportunities: Traditionally, G-Cloud frameworks ran for 12 to 18 months and then were replaced by a new iteration, meaning suppliers who missed the boat had to wait for the next round. With the new procurement rules, G-Cloud 15 is expected to operate as an “open framework.” In practical terms, this could be a framework lasting up to 4 years, but with designated refresh points (possibly around 18 and 24 months in) where new suppliers can onboard and existing suppliers can update their service offerings or prices. This is not yet confirmed official policy, but it has been signalled as the likely approach. An open framework is great news for flexibility - it allows continuous updating and doesn’t lock out newcomers for years. However, it also means more ongoing admin for suppliers: you might need to reconfirm credentials or refresh documents at those intervals to remain on the framework.

• Call-Off Competition Options: Perhaps the biggest practical change for how contracts are won through G-Cloud is the introduction of optional competition at the call-off stage. Under G-Cloud 14, the process for a buyer to procure was usually to directly award to the supplier that best met requirements and offered best value (essentially a direct purchase from the online catalogue after some filtering). There was no formal mini-competition; in fact, G-Cloud was known for its direct award convenience. Going forward, G-Cloud 15 will still allow direct awards (“without competition”), but it will also explicitly allow mini-competitions among G-Cloud suppliers if a buyer prefers. This aligns with the Procurement Act 2023’s flexibility, but it means as a supplier you could be asked to submit a tailored proposal or pricing for a specific customer requirement even though you’re already on the framework. In other words, simply being listed on G-Cloud 15 might not guarantee a stream of orders - you may need to actively compete for some contracts.

What to do: Keep informed about the framework timeline. When G-Cloud 15 opens for applications (planned October 2025), mark your calendar for those potential refresh points in 2026 or 2027. The refresh points will give you an opportunity for new entrants and the ability to update your services and pricing - a change from the G-Cloud 14 pattern. For those already on board, treat your G-Cloud listing as a living thing: update your service descriptions and pricing whenever refresh windows open to stay competitive. And crucially, be ready for buyers to initiate mini-competitions. This means you might receive invitations to quote or answer specific questions for a particular project. Ensure you have resources (however small) for responding to these opportunities - quick turnaround, good proposal writing, and sharp pricing will make the difference. SMEs should see this not as a burden but as a chance to stand out: if you can respond agilely and highlight your strengths in a mini-competition, you could unseat bigger players who were relying on passive catalogue listings.

The Central Digital Platform: New Process for Bidding

One immediate change you will notice is the bidding process platform. In the past, G-Cloud applications were handled via the Digital Marketplace portal. Now, all suppliers must use the Central Digital Platform (CDP) - an enhanced version of the government’s Find a Tender service - to register and submit bids. This central portal is part of the Procurement Act’s push to simplify finding and bidding for public contracts.

Before you can even access the G-Cloud 15 tender, you need to be registered on the new platform. This involves creating an account, inputting your organisation details, and uploading certain baseline information about your company. The good news is this platform will be used across many procurements, so you do this once and can reuse it. The less good news is that it’s a new system, so there may be a learning curve if you were used to the old one.

What to do: Don’t wait until the last minute - register on the Central Digital Platform as early as possible. As of now, registration is open and all suppliers can sign up. Gather your company info (like registration number, addresses, contact details, etc.) and fill out your supplier profile on the platform. Familiarise yourself with how to search for opportunities and how to submit responses. The government has published video guides and manuals on using the new system; taking an hour to go through those could save you a lot of frustration later. By being comfortable with the new portal, you’ll be in a strong position to quickly complete the G-Cloud 15 ITT when it is released. Keep an eye on communications from Crown Commercial Service (CCS) – they are likely to send updates or host webinars (for example, techUK and CCS have run supplier briefing sessions) about using the platform and any changes to the process.

Preparing for Success on G-Cloud 15

G-Cloud 15 brings a step change in rigour and scope compared to G-Cloud 14. For UK tech SMEs, this is both an opportunity and a challenge. The Government is keen to involve more innovative small businesses, but it is also raising the bar to ensure quality and value. Here are final key preparation tips for bidders:

1. Understand the New Requirements: Review all guidance from CCS about G-Cloud 15. Make a checklist of the documents and certifications you will need (Social value responses, CRP, Modern Slavery statement, financial info, security certs, etc.). Give yourself ample time to gather these. If anything is unfamiliar (e.g. you’ve never done a Carbon Reduction Plan before), seek advice or examples now.

2. Highlight Your Strengths in Social Value and Quality: Reflect on your offerings and company practices to identify what social value you deliver. It could be environmental benefits, local job creation, innovation that improves public services, or fair employment practices. Be ready to write about these in your tender responses. Similarly, think about how to demonstrate the quality of your service. Perhaps, via case studies of happy public sector clients or strong performance metrics.

3. Ensure Compliance Documents are Up to Scratch: Double-check that your policies (data protection, security, environmental, diversity, etc.) are current and aligned with Government expectations. Update them if needed so that when asked, you can supply a modern slavery policy or carbon plan that meets the latest standards. Small businesses might not have had these formally in place under G-Cloud 14, but the environment now expects them.

4. Financial Planning: If you anticipate needing to complete a FVRA Gold, get your financial house in order. Have your last few years of accounts readily available, and prepare explanations for any unusual financial results. It might even be worth running a self-assessment using the Cabinet Office’s financial viability template to see how you score. That way you can predict any red flags and prepare a mitigating explanation in advance.

5. Embrace the Platform and Process Changes: Get comfortable with the Central Digital Platform early and make sure your team knows how to use it. Mark important dates (tender opening, deadlines, webinars). The process may feel more involved than G-Cloud 14’s simple online form - but once you’ve navigated it the first time, it will become routine.

6. Stay Agile for Opportunities: With the introduction of mini-competitions at call-off, treat your G-Cloud presence as an active sales channel. Monitor for any buyer requests, and respond promptly and professionally. The increased complexity is not meant to deter you but to ensure the best suppliers shine through. If you are proactive and thorough, you can turn this complexity into a competitive advantage.

The Opportunity

As a supplier, transitioning from G-Cloud 14, or as a new entrant to G-Cloud 15, means adapting to a more demanding framework. However, this evolution is ultimately about improving public sector outcomes and creating a level playing field that rewards quality, sustainability, and innovation. Tech SMEs should not be discouraged by the new requirements; instead, see them as a chance to showcase everything you bring to the table - not just a good price, but also ethical practices, social impact, financial robustness, and secure, reliable services.

Take the time now to prepare and you will put your business in a strong position to succeed on G-Cloud 15. The public sector market is huge and still eager to engage with agile, creative SMEs. By understanding what’s changed and planning accordingly, you can navigate the new G-Cloud with confidence. Success will favour those who are informed and ready - and with the above insights, you’re already one step ahead in the bid to win government cloud contracts in this new era.

Good luck with your G-Cloud 15 journey!

This article reflects Nexus Procurement Solutions’ professional perspective on current procurement developments and does not constitute formal advice.