Outsourcing and Information Security

Free registration required

Executive Summary

The objective of this whitepaper is to discuss some important Information Security management issues Organizations face when they are considering, or are in the middle of, Outsourcing their ICT environment to an external Service Provider. The issues discussed here are mostly related to closing or preventing the "Gap" between Information Security Operations and business strategy and how to ensure that the proper identification of, assessment of and action on risk events takes place within the Outsourced environment. This whitepaper uses the ISO/IEC 27001 (and ISO/IEC 27002) international standard for an Information Security Management System as reference.

  • Format: PDF
  • Size: 877.4 KB