-
Essay / Information Security Consultant Outsourcing - 1798
IntroductionOutsourcing is a technique that allows companies to reallocate specific responsibilities to external entities. There are several motivations for outsourcing, including organizational, improvement, cost, and revenue benefits (Ghodeswar & Vaidyanathan, 2008). The objectives of the research were to (a) better understand how to secure strategic partnerships in the information technology (IT) field; (b) understand the choices made to reduce information and security risks by exploring different outsourcing techniques, and; (c) understand how business processes associated with outsourcing will drive awareness of how the process relates to human behaviors. Topics covered include an evaluation of the specifications for information security consultants to become strategic partners contributing to the reduction of information or security risks, an examination of four factors that were omitted from the specifications and that add value to the selection process, and an explanation of the value of the four factors. SpecificationsInformation Security Consultants (INFOSEC) assist corporate clients through strategic partnerships (Ghodeswar & Vaidyanathan, 2008). A brief study of outsourcing in the United States creates a prospective baseline for private institutions' outsourcing efforts (Ghodeswar & Vaidyanathan, 2008). Despite the fact that the vendor has responsibilities and duties (detailed in the statement of work), the client is primarily responsible for overseeing strategic partnerships (Ghodeswar & Vaidyanathan, 2008). Evaluate the specifications of information security consultants (vendors) to become a Strategic Partner assisting in the reduction of information or security risksDue to economic requirements...... middle of article. .....e of practice for information security management (1st ed.). Geneva, Switzerland: ISO/IEC.ITGI. (2012). COBIT 5.0. Rolling Meadows: ISACA. Marquis, K. (2011). Insourcing and outsourcing for US Department of Defense IT projects: a model (Tech.). Retrieved from http://www.dtic.mil/dtic/tr/fulltext/u2/a549027.pdfRay, M. and Ramaswamy, P. (2007). GTAG: Information Technology Outsourcing (Vol. 7). Altamonte Springs, Florida: The IIA. Reinhard, J. (2012). Integration of IT governance. Internal Auditor, 69(4), 51-54. Rossiter, C. (2011). How internal audit adds value to the governance process. Protiviti, Inc. Retrieved from http://www.protiviticonsulting.com/en-US/Pages/How-Internal-Audit-Adds-Value-to-the-Governance-Process.aspxTutorialpoint. (2014). Statement of Work. Tutorial point. Retrieved from http://www.tutorialspoint.com/management_concepts/statement_of_work.htm