Security for Information Technology Service Contracts

Abstract

An increasing number of organizations are contracting with outside companies for installation and maintenance of their information technology (IT). All too often, these organizations experience increased difficulty in providing appropriate oversight of the services and software for which they have contracted. For example, contractor access to the organization's systems is often neither well controlled nor secure, placing information systems and data at risk. The practices recommended in this document are designed to assist your organization in managing the contractor, managing the contract, and deterring common, known security problems when IT services and software are externally contracted.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 1998
Accession Number
ADA336329

Entities

People

  • Barbara Fraser
  • Gary A. Ford
  • John Kochmar
  • Julia H. Allen
  • Lisa Cunningham

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Application Software
  • Commerce
  • Computer Access Control
  • Computer Network Security
  • Computers
  • Contractors
  • Contracts
  • Department Of Defense
  • Electronic Mail
  • Engineering
  • Information Systems
  • Internet
  • Network Protocols
  • Operating Systems
  • Security
  • Software Development
  • Websites

Fields of Study

  • Computer science

Readers

  • Government and Public Administration Law.
  • Software Engineering
  • Strategic Security Studies