- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
A Security Guide For Acquiring Outsourced Service
- Abstract
- Outsourcing is not an abdication of the organisation's security responsibilities to an external contracting vendor. While leveraging on the economies of scale and technical expertise of the supplier, the organisation needs to make sure that the outsourced IT project or service does not introduce security problems or vulnerabilities to the already-functioning internal systems, business processes and operations. This guide is an attempt to collate all security requirements relating to outsourcing, for which organisations seeking outsourcing should actively look into. For organisations adopting outsourcing to remain secure, it is important for them to understand their own outsourcing needs and the related risks, and to handle outsourcing in the right manner and in the correct context. With this, will it then be possible for the security risks of outsourcing to be effectively mitigated to an acceptable level.