Guidance for GovTech and Public Administration

The public sector bears a special responsibility for the data sovereignty of its citizens. We support authorities, cantons, and municipalities in implementing EMBAG requirements and building modern, open IT architectures.

---

Focus Areas

EMBAG Implementation and OSPO Setup Transformation to Open Source by Default and the establishment of Open Source Program Offices (OSPO) to manage code publications.

Software Supply Chain Security (SBOM) Automated verification processes for software bills of materials ensure that security risks in purchased solutions remain visible.

Sovereign Cloud and AI Architecture AI solutions (like RAG) are operated entirely on Swiss infrastructure. Citizen data never leaves the protected space.

---

Use Cases

• Specialised Application Modernisation: Gradual replacement of outdated legacy systems with API-centric architectures.
• Open Source Governance: Developing guidelines for using and contributing to open-source projects.
• Compliance Automation: Technical implementation of legal requirements directly in the infrastructure (Compliance-as-Code).

---

Methods

The methods behind this are documented in the Neuland Handbook:

• Public Code and SBOM : Transparency as an administrative standard.
• Compliance : Automated auditing of technical systems.