Managing Security in Outsourced and Offshore Environments

Find Similar Items

This product falls into the following categories.

You may find similar items within these categories by selecting from the choices below:

BIP 0116

Managing security in outsourced and offshored environments. How to safeguard intellectual assets in a virtual business world

Status : Current   Published : June 2010



The handbook every manager should read before they sign the contract

Managing Security in Outsourced and Offshored Environments. How to Safeguard Intellectual Assets in a Virtual Business World

Download a sample chapterDavid Lacey

If you need a working knowledge of how to implement and manage outsourcing and off-shoring of IT and business services, then this is the book for you.

Even if you have no prior knowledge of the subject, the book’s focus on the practical along with the specialist aspects of security management will give you a firm grounding in outsourcing solutions.

Access insights, tips and the warnings associated with outsourcing, including the three highly persuasive factors that will help you convince your managing director to see the benefits of externalizing supplies and services, whilst managing the risks.

Clearly laid out, the book sets out guidance, best practice and critical success factors for managing security risks. For the impatient amongst you, the key learning points contained in each chapter are a useful starting point for grasping the salient issues.

The book is an easy-to-follow guide for anyone without prior knowledge of the topic. It sets out guidance, learning points, best practices and critical success factors associated with managing the security risks associated with outsourcing and off-shoring of IT and business services.

The content is presented in an easy to understand and jargon-free style. Clearly structured to follow the life-cycle of outsourcing, you'll read about definining, selection, negotiation, implementation and ongoing management of outsourced services.

You’ll read research sponsored by the UK Government Cyber Security Knowledge Transfer Network, as practical guidelines are set out, to address the major areas of risk.

Building on both practical, real-life experience of implementing and managing large scale outsourcing programmes.

The book stands out for its focus on the “softer” management issues, such as relationship management, rather than the more factual points covered in other guides on this subject. It is those issues (strategy, risk assessment and relationship management) that ultimately determine the success of a major outsourcing programme.

How will this book benefit me?

Buy the book and follow the real-life experiences of designing and managing large scale outsourcing programmes, so you too can harness the powerful business practices that are capable of delivering impressive cost savings and operational benefits.

Who should read this book on outsourcing security?

This book would be an informative guide for anyone without prior knowledge of security management in outsourced and offshore environments. It would be of interest to:

  • Business managers
  • Chief Information officers (CIOs)
  • Security managers
  • Risk managers
  • Auditors
  • Procurement managers
  • Legal advisers
  • Consultants

If you are studying IT, information security or business studies this will also prove invaluble reference.

Contents of this book about off-shore outsourcing include:

  • Introduction
  • Types of outsourcing and off-shoring and their associated risks
  • Business drivers for outsourcing and their impact on security
  • Planning and preparation for outsourcing
  • Selecting a supplier
  • Developing and negotiating the contract
  • Implementing the new arrangement
  • Managing the relationship
  • Review, termination and exit
  • In conclusion
  • References.

About the author

David Lacey is an IT and Security Director, with experience in large organizations such as the Royal Dutch/Shell Group and the Royal Mail Group.

He is a member of the Infosecurity Europe ‘Hall of Fame’.

His achievements include developing the original content of British Standard BS7799, achieving the world’s first accredited certification, and jointly founding the Jericho Forum.

Read David Lacey's IT Security Blog at

Read what the reviewers have said about David Lacey's book:

“The handbook every manager should read before they sign the contract.” Professor Paul Dorey,  Visiting Professor, Royal Holloway, University of London

"This well-respected author takes a fresh perspective on the challenges of security. This 'stand-out' guide shows clearly what needs to be done." Dr Alastair MacWillson, Global Managing Director, Accenture Technology Consulting

"A ‘must-have’ comprehensive reference of essential standards, controls and legislation. The author, David Lacey, offers superb practical guidance based on a wealth of experience." Geoff Harris, President of the Information Systems Security Association (ISSA) - UK

"An interesting and informative read on an extremely important, topical subject." Professor Fred Piper, Information Security Group, Royal Holloway, University of London

Also available

Browse BSI books on information security

Find the standards you need for information security

BS ISO/IEC 27002:2005, BS 7799-1:2005,BS ISO/IEC 17799:2005
Information technology. Security techniques. Code of practice for information security management

Standard NumberBIP 0116
TitleManaging security in outsourced and offshored environments. How to safeguard intellectual assets in a virtual business world
Publication Date04 June 2010
DescriptorsData security, Enterprises, Management, Management operations, External, Data processing, Information operations, Consumer-supplier relations, Computer technology, Data management, Virtual terminals (OSI), Business continuity, Risk analysis, Planning, Selection, Contracts
ISBN978 0 580 68701 3
File Size1.6 MB

 Your basket
Your basket is empty

Take the smart route to manage medical device compliance

Worldwide Standards
We can source any standard from anywhere in the world

Collaborate, Innovate, Accelerate.


The faster, easier way to work with standards

Customers who bought this product also bought

  • BIP 0076
    Information security risk management Handbook for ISO/IEC 27001
  • BIP 2142:2012
    The route map to business continuity management Meeting the requirements of ISO 22301
  • BIP 2154:2008
    Good governance A risk-based management systems approach to internal control
  • BIP 2151:2012
    Auditing business continuity management plans Assess and improve your performance against ISO 22301