From the course: Cybersecurity Outsourcing: Vendor Selection and Management
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Tips for contracting with a vendor
From the course: Cybersecurity Outsourcing: Vendor Selection and Management
Tips for contracting with a vendor
- [Instructor] How can you make sure you get the right contract with your MSSP? Here are several tips that I've learned through experience. First, use a responsibility assignment matrix to clarify roles and responsibilities. This will set you up for success in the transition and will help you manage the risk of the MSSP drifting away from your procedures over time. A common approach is known as RACI, an acronym derived from four key roles. Responsible. Accountable. Consulted and informed. Here's a very simple example. You put each role in a column, and then you put one task per row. Be sure to review this thoroughly with your MSSP and incorporate it into your contract. There's a great tutorial on building a responsibility assignment matrix by Suzanna Haworth over at the Digital Project Manager website, so be sure to check that out. Another key decision you need to make early on is whose paper will you use to document the terms. If you don't have a contract, then start by evaluating…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.