The handbook every manager should read before they sign the contract
Managing Security in Outsourced and Offshored Environments. How to Safeguard Intellectual Assets in a Virtual Business World
If you need a working knowledge of how to implement and manage outsourcing and off-shoring of IT and business services, then this is the book for you.
Even if you have no prior knowledge of the subject, the book’s focus on the practical along with the specialist aspects of security management will give you a firm grounding in outsourcing solutions.
Access insights, tips and the warnings associated with outsourcing, including the three highly persuasive factors that will help you convince your managing director to see the benefits of externalizing supplies and services, whilst managing the risks.
Clearly laid out, the book sets out guidance, best practice and critical success factors for managing security risks. For the impatient amongst you, the key learning points contained in each chapter are a useful starting point for grasping the salient issues.
The book is an easy-to-follow guide for anyone without prior knowledge of the topic. It sets out guidance, learning points, best practices and critical success factors associated with managing the security risks associated with outsourcing and off-shoring of IT and business services.
The content is presented in an easy to understand and jargon-free style. Clearly structured to follow the life-cycle of outsourcing, you'll read about definining, selection, negotiation, implementation and ongoing management of outsourced services.
You’ll read research sponsored by the UK Government Cyber Security Knowledge Transfer Network, as practical guidelines are set out, to address the major areas of risk.
Building on both practical, real-life experience of implementing and managing large scale outsourcing programmes.
The book stands out for its focus on the “softer” management issues, such as relationship management, rather than the more factual points covered in other guides on this subject. It is those issues (strategy, risk assessment and relationship management) that ultimately determine the success of a major outsourcing programme.
How will this book benefit me?
Buy the book and follow the real-life experiences of designing and managing large scale outsourcing programmes, so you too can harness the powerful business practices that are capable of delivering impressive cost savings and operational benefits.
Who should read this book on outsourcing security?
This book would be an informative guide for anyone without prior knowledge of security management in outsourced and offshore environments. It would be of interest to:
- Business managers
- Chief Information officers (CIOs)
- Security managers
- Risk managers
- Procurement managers
- Legal advisers
If you are studying IT, information security or business studies this will also prove invaluble reference.
Contents of this book about off-shore outsourcing include:
- Types of outsourcing and off-shoring and their associated risks
- Business drivers for outsourcing and their impact on security
- Planning and preparation for outsourcing
- Selecting a supplier
- Developing and negotiating the contract
- Implementing the new arrangement
- Managing the relationship
- Review, termination and exit
- In conclusion
About the author
David Lacey is an IT and Security Director, with experience in large organizations such as the Royal Dutch/Shell Group and the Royal Mail Group.
He is a member of the Infosecurity Europe ‘Hall of Fame’.
His achievements include developing the original content of British Standard BS7799, achieving the world’s first accredited certification, and jointly founding the Jericho Forum.
Read David Lacey's IT Security Blog at ComputerWeekly.com.
Read what the reviewers have said about David Lacey's book:
“The handbook every manager should read before they sign the contract.” Professor Paul Dorey, Visiting Professor, Royal Holloway, University of London
"This well-respected author takes a fresh perspective on the challenges of security. This 'stand-out' guide shows clearly what needs to be done." Dr Alastair MacWillson, Global Managing Director, Accenture Technology Consulting
"A ‘must-have’ comprehensive reference of essential standards, controls and legislation. The author, David Lacey, offers superb practical guidance based on a wealth of experience." Geoff Harris, President of the Information Systems Security Association (ISSA) - UK
"An interesting and informative read on an extremely important, topical subject." Professor Fred Piper, Information Security Group, Royal Holloway, University of London
Browse BSI books on information security
Find the standards you need for information security
BS ISO/IEC 27002:2005, BS 7799-1:2005,BS ISO/IEC 17799:2005
Information technology. Security techniques. Code of practice for information security management