OUTSOURCING INFORMATION SECURITY MAY POSE DIRE CONSEQUENCES FOR BUSINESS AND GOVERNMENT

Despite the widespread controversy surrounding the outsourcing of information security, organizations must understand and consider what costs and benefits are incurred and gained, respectively. Author C. Warren Axelrod has done an outstanding job of presenting the controversy surrounding the intersection of the two most dynamic, difficult, and controversial areas of information technology today, namely, outsourcing and security.

Axelrod begins this book by defining the scope of the treatment of the joint topics of outsourcing and security. Next, the author lays out the range of information security risk that are confronted daily, whether an activity is outsourced or not. Then, he looks at the risk of outsourcing. In addition, the author describes in detail the categories of costs and benefits. He also describes how the outsourcing costs and benefits relate to the Request for Information (RFI) and Request for Proposal (RFP) processes. Then, he looks at the outsourcing evaluation process that takes place once the information has been collected and sorted. The author then delves into the specific security considerations that affect the outsourcing decision and how they should be handled. Finally, he summarizes the full flow of the outsourcing evaluation and decision processes.

With the preceding in mind, the author has done an excellent job of presenting how outsourcing opportunities have become a continuous process as new services become available, new services of those services appear, and business takes on more of a global aspect. At the end of the day, it behooves a nimble organization in a competitive market to keep its outsourcing options open and its ability to evaluate choices finely tuned..

Other Reviews

• A bit thin on the security-specific aspects of outsourcing
• OUTSOURCING INFORMATION SECURITY MAY POSE DIRE CONSEQUENCES FOR BUSINESS AND GOVERNMENT
• A Must Read!
• At Least It Explains the Problem