RealNews

Bank group offers guidelines on outsourcing security risks

A consortium of the country’s top financial services firms last week published a set of industry guidelines to use in evaluating the security risks of IT outsourcing deals. The Banking Industry Technology Secretariat (BITS) in Washington released the security guidelines as an addendum to an existing framework for managing business relationships with IT services providers. The group’s goal is to help financial services firms streamline the outsourcing evaluation process and better manage the risks of handing over control of key corporate systems to vendors. The guidelines are based on the International Standards Organization’s ISO 17799 code of practice for information security management, which covers categories such as documenting corporate security policies and classifying assets. They also include best practices gathered from BITS members and input from vendors, government agencies and third-party IT auditors, said Faith Boettger, a senior consultant at BITS. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.