Title :
Managing Risk of IT Security Outsourcing in the Decision-Making Stage
Author :
Oladapo, Samuel ; Zavarsky, Pavol ; Ruhl, Ron ; Lindskog, Dale ; Igonor, Andy
Author_Institution :
Coll. of Alberta, Dept. of Inf. Syst. Security Manage., Concordia Univ., Edmonton, AB, Canada
Abstract :
With the promised benefits for outsourcing IT security services also come major risks. IT security outsourcing decisions possess major legal, organizational and contractual risks. Drawing on National Institute of Standards and Technology (NIST) publications as the principal source of information, supplemented by interviews with key security personnel, this research reviewed and extracted IT security risk elements which culminated in a flow-chart to aid decision-making with respect to IT security outsourcing.
Keywords :
decision making; law; outsourcing; risk management; security of data; IT security outsourcing; IT security risk elements; National Institute of Standards and Technology publication; decision-making stage; risk management; security personnel interviews; Decision making; Information resources; Information security; Law; Legal factors; NIST; National security; Outsourcing; Personnel; Risk management; IT security services; con-tractual; legal; organizational; outsourcing.; risk;
Conference_Titel :
Computational Science and Engineering, 2009. CSE '09. International Conference on
Conference_Location :
Vancouver, BC
Print_ISBN :
978-1-4244-5334-4
Electronic_ISBN :
978-0-7695-3823-5
DOI :
10.1109/CSE.2009.95
