Managing Security in Outsourced Information Technologies
Bill Lisse, CISSP, CISA, CGEIT, PMP, G7799
Corporate Information Security Officer
1/19/2011
Overview
Risk is always involved when third-party entities are given access to sensitive customer data, privileged business operation details, or intellectual property vulnerable to public or competitor disclosure.

Shifting Sands
Information technology outsourcing has grown in popularity as an efficient, cost-effective, and expert solution designed to meet the demands of systems implementation, maintenance, security, and operations.

Planning
Planning is the most critical phase of IT contract management – information security should be built into the contract at its inception.
Key issues can range from requiring the vendor to maintain specified levels of security through employee awareness training and contractual obligations and company indemnification by the vendor for any breaches.

Source Selection and Award

Contract Administration

Contract Termination
Don’t neglect contract termination; residuals and loose ends are real security risks.

Conclusion

References
Security For Outsourced IT Contracts
