Raymond Pompon, IT Security Risk Control Management, 10.1007/978-1-4842-2140-2_23

23. Third-Party Security

Raymond Pompon¹

(1)Seattle, Washington, USA

Doveryai no proveryai. (Trust, but verify.)
—Russian proverb used by President Ronald Regan during arms control negotiations with Russian President Mikhail Gorbachev in the 1980s.

Every organization is dependent on other organizations outside of itself. It’s unlikely that your organization writes all of its own software, builds its own hardware, owns the buildings it occupies, and is an internet service provider. Your security is dependent on many of these things but if they are produced outside of your organization, your control is limited. Previous chapters touched on risk and ...

Get IT Security Risk Control Management: An Audit Preparation Plan now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

IT Security Risk Control Management: An Audit Preparation Plan by Raymond Pompon

23. Third-Party Security

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly