Book details of 'Outsourcing Information Security (Computer Security Series)'

Title	Outsourcing Information Security (Computer Security Series)
Author(s)	C. Warren Axelrod
ISBN	1580535313
Language	English
Published	September 2004
Publisher	Artech House Publishers

---

Back to shelf Computer security
Amazon.com info for Outsourcing Information Security (Computer Security Series)

Score:

Vote for this book

The Virtual Bookcase Reviews of 'Outsourcing Information Security (Computer Security Series)':

Reviewer Rob Slade wrote:
The author states that he intends to raise issues involved in outsourcing security in such as way that those working through the process will not neglect important areas of concern. Chapter one reviews reasons for outsourcing. Lists of threats and vulnerabilities, in general, are given in chapter two. Costs are examined in chapter three, as a basic discussion of justification for outsourcing. Chapter four looks at risks that might be associated with outsourcing. Various types of costs, such as intangible, subjective, and indirect, are contemplated in chapter five, and costs related to different stages of the evaluation process in chapter six. Chapter seven investigates a number of issues surrounding the development of requirements for system or project development. The first chapter that actually seems to talk in detail about security outsourcing, rather than just outsourcing itself, is chapter eight, which goes through the ten domains of the CISSP (Certified Information Systems Security Professional) CBK (Common Body of Knowledge) (and some subdomains), determining which of them are particularly appropriate for outsourcing, and which are not. Chapter nine outlines the outsourcing process as a sequence of steps. Axelrod has provided a very solid and useful framework for dealing with the many areas that need to be considered if outsourcing is sought. Very little is directly relevant to the security function itself, but that may simply expand the market for the book. It is probably futile to expect that any more guidance could have been provided, since the possiblities are so immense, but the summary given here still leaves the potential outsourcer with an enormous amount of work to do. copyright Robert M. Slade, 2004
Add my review for Outsourcing Information Security (Computer Security Series)

Book description:

This comprehensive and timely resource examines security risks related to IT outsourcing, clearly showing you how to recognize, evaluate, minimize, and manage these risks. Unique in its scope, this single volume offers you complete coverage of the whole range of IT security services and fully treats the IT security concerns of outsourcing. The book helps you deepen your knowledge of the tangible and intangible costs and benefits associated with outsourcing IT and IS functions. Moreover, it enables you to determine which information security functions should be performed by a third party, better manage third-party relationships, and ensure that any functions handed over to a third party meet good security standards. From discussions on the IT outsourcing marketplace and the pros and cons of the IT outsourcing decision process, to a look at IT and IS service provider relationships and trends affecting outsourcing, this essential reference provides insight into how organizations are addressing some of the more thorny issues of IT and security outsourcing.