IT Outsourcing Security

When any IT operation of an organisation is contracted out, the external service provider (or the outsourcing vendor) may effectively become an “insider”, handling sensitive and important information for the company. While the services provided by an outsourcing vendor may be beneficial and cost-effective, proper security management processes and procedures must be in place to protect sensitive data and customer privacy in outsourced IT projects or service. Data owners need to monitor and review all access rights granted to outsourcing vendors so as to protect key data at all times. The bottom line is; an organisation can outsource its operations, but not its responsibilities.

Download the full contents (in PDF format)

( To view and print the downloaded document, you need to use an Adobe Acrobat Reader. Please click here to download if necessary. )