Supply Chain Risk Management: Applying Secure Acquisition Principles to Ensure a Trusted Technology Product

Ken Sigler, Dan Shoemaker, Anne Kohnke

November 3, 2017 by Auerbach Publications
Reference - 278 Pages
ISBN 9781138197336 - CAT# K31263
Series: Internal Audit and IT Audit

USD$69.95

Add to Wish List
FREE Standard Shipping!

Features

Presents the concepts of ICT supply chain risk management from the perspective of NIST IR 800-161.

Covers how to create a verifiable audit-based control structure to ensure comprehensive security for acquired products

Explains how to establish systematic control over the supply chain and how to build auditable trust into the products and services acquired by the organization

Details a capability maturity development process that will install an increasingly competent process and an attendant set of activities and tasks within the technology acquisition process

Defines a complete and correct set of processes, activities, and tasks as well as monitoring and reporting systems.

Summary

The book presents the concepts of ICT supply chain risk management from the perspective of NIST IR 800-161. It covers how to create a verifiable audit-based control structure to ensure comprehensive security for acquired products. It explains how to establish systematic control over the supply chain and how to build auditable trust into the products and services acquired by the organization. It details a capability maturity development process that will install an increasingly competent process and an attendant set of activities and tasks within the technology acquisition process. It defines a complete and correct set of processes, activities, tasks and monitoring and reporting systems.