From the course: Cybersecurity Outsourcing: Vendor Selection and Management
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Case study 2: Document requirements
From the course: Cybersecurity Outsourcing: Vendor Selection and Management
Case study 2: Document requirements
- [Instructor] Let's check back in with our InfoSec team and see how they documented their requirements. They had already decided to outsource two non-core tasks: creating user accounts, and resetting passwords. They saw these two tasks as a formal proof of concept before making a bigger commitment to outsourcing. These particular tasks were serious enough to get everyone's attention, but it wasn't so much work that a failure to outsource would likely result in catastrophe for the team or their company. Their next step was to ask the operational business leaders what level of responsiveness they required for each of these tasks. After reviewing the feedback, the following outcomes were decided. Password resets had to be done within 60 minutes of the initial request, and user account creation had to be finished within four hours of the original request. At this point the InfoSec team felt some unease about turning over the work, because they had never done anything like this before. It…