This document discusses risks specific to outsourcing network services and enumerates recommendations and best practices to address these risks. It also presents a repeatable approach for any organization to determine its relative total risk posture, assesses risks of alternative procurement, vets courses of action, and communicates risk posture among organizations (e.g., business partners). The document assists organizations in building/strengthening their own individual optimal set of business and technical practices by leveraging the recommendations and repeatable approach as well as the guidance from existing frameworks and standards.
Note: This document was revised and reissued in July 2020. Revisions include refining the cost-benefit analysis discussion, correcting the total cost of ownership equation and supporting text, and updating references to NIST SP 800-160 Vol. 2, which was previously referenced as a draft.
- Additional Information
Reference G197 US ISBN 1-947754-40-9 Published 20 Mar 2020 Pages 70 Type Guides Subject Security
- Standards Information
Standards Information Base
Common Name Outsourced Networks Status Adopted Service Category Software Engineering Services Service Security Management Services Type The Open Group Guide