The book presents the concepts of ICT supply chain risk management from the perspective of NIST IR 800-161. It covers how to create a verifiable audit-based control structure to ensure comprehensive security for acquired products. It explains how to establish systematic control over the supply chain and how to build auditable trust into the products and services acquired by the organization. It details a capability maturity development process that will install an increasingly competent process and an attendant set of activities and tasks within the technology acquisition process. It defines a complete and correct set of processes, activities, tasks and monitoring and reporting systems.
ISBN: | 9781138197336 |
Publication date: | 3rd November 2017 |
Author: | Ken (Oakland Community College, Auburn Hills, Michigan, USA) Sigler, Dan (University of Detroit Mercy, Michigan, USA Shoemaker |
Publisher: | CRC Press an imprint of Taylor & Francis Ltd |
Format: | Paperback |
Pagination: | 278 pages |
Series: | Security, Audit and Leadership Series |
Genres: |
Computer science Digital and information technologies: Legal aspects Computer security Environmental science, engineering and technology Engineering: general Production and quality control management |