Assessing Vendors

Assessing Vendors

A Hands-On Guide to Assessing Infosec and IT Vendors

1st Edition - April 10, 2013
This is the Latest Edition
  • Author: Josh More
  • Paperback ISBN: 9780124096073
  • eBook ISBN: 9780124104464

Purchase options

Purchase options
Available
DRM-free (Mobi, EPub, PDF)
Sales tax will be calculated at check-out

Institutional Subscription

Free Global Shipping
No minimum order

Description

Assessing vendors is a tricky process. Large and regulated organizations are forced to demonstrate due diligence in vendor assessment, but often do not know how to do this. This results in a great deal of busywork being required by both the vendors and the organizations. Smaller organizations don't know what to look for and, as a result, often wind up selecting based on price instead of value. This results in service failures and vendors that just milk their customers for as long as they can. Assessing Vendors shows you how to walk the line between under- and over-assessing, so decisions can be made on sufficient data without wasting time, digging too deeply, or making decisions too quickly. This hands-on guide will show you how to use an iterative approach to vendor analysis, so you can rapidly filter out the vendors that are clear failures and then select likely winners. It will then show you how to do progressively deeper dives into the likely winners so you can select a preferred vendor. Finally, you will learn how to negotiate with your preferred vendor to get reasonable prices and services. Provides an iterative approach to vendor assessment, showing you how to make decisions on sufficient data without wasting time Includes checklists to help you navigate the decision-making process, while considering all the important factors needed to make a sound decision Helps you understand and evaluate vendors based on key concepts such as performance criteria, functional testing, production, and price

Key Features

  • Provides an iterative approach to vendor assessment, showing you how to make decisions on sufficient data without wasting time
  • Includes checklists to help you navigate the decision-making process, while considering all the important factors needed to make a sound decision
  • Helps you understand and evaluate vendors based on key concepts such as performance criteria, functional testing, production, and price

Readership

Information Security professionals of all levels, systems administrators, network administrators, and IT Managers

Table of Contents

  • Acknowledgments

    Introduction

    How to Read This Book

    Phase 1. Preliminary Research

    1.1 Preliminary Research

    Phase 2. Sort

    2.1 Sort

    Phase 3. Functional Testing

    3.1 Functional Testing

    Phase 4. Scoring, Weighting, and Sorting

    4.1 Scoring, Weighting, and Sorting

    Phase 5. Deep Testing

    5.1 Deep Testing

    5.2 Fair Versus Unfair Testing

    5.3 Identifying Needs

    Phase 6. Adjusting Needs

    6.1 Adjusting Needs

    Phase 7. Negotiating Price

    7.1 Negotiating Price

    Phase 8. Production

    8.1 Production

    Phase 9. Conclusion

    9.1 Conclusion

    9.2 Final Words

Product details

  • No. of pages: 94
  • Language: English
  • Copyright: © Syngress 2013
  • Published: April 10, 2013
  • Imprint: Syngress
  • Paperback ISBN: 9780124096073
  • eBook ISBN: 9780124104464
  • About the Author

    Josh More

    Josh has over fifteen years of experience in IT, and ten years working in Security. Though today, he primarily works as a security consultant, he has also worked in roles ranging from user to developer to system administrator. He holds several security and technical certifications and serves in a leadership position on several security-focused groups. He writes a blog on security at www.starmind.org and www.rjssoftware.com. As security works best from a holistic approach, he works all angles: risk assessments, posture analysis, incident response, malware analysis, infrastructure defense, system forensics, employee training and business strategy. Josh More works at RJS Software Systems, a national data management and security company.

    Affiliations and Expertise

    Senior Security Consultant, RJS Smart Security (CISSP, GIAC-GCIH, GIAC-GSLC)