tISS: Supplier Governance
This Information Security Service Supplier Governance workshop was chosen as a priority topic by the tISS Leadership Board and was identified and developed through research, surveys and member input.
Supplier management, procurement, and supplier relationship management are common in many large organisations. Aligned to these, supplier governance deals with the security and governance aspects of how the organisation manages its suppliers, including how security is written into contracts and how compliance is audited.
There were two case studies: one gave an approach to the ongoing security assessment of suppliers, and the other dealt with measurement, including the measurability of contract security clauses and a novel but simple approach to measuring the 'return on investment' of the supplier relationship.
In-depth discussion of experiences and practices covered topics such as business and supplier engagement, assessment and selection, measurement, audit and compliance, and the methodologies and standards used.
The workshop, hosted by The Corporate IT Forum, was attended by 24 people representing 19 organisations from a wide cross-section of enterprises including financial services, councils, pharmaceuticals, government bodies and agencies, retail and manufacturing.
"The Corporate IT Forum is a fantastic level check, free of vendor sell and consultancy hype. I like the open sharing of experience…"
"We get valuable knowledge and experience from members of The Corporate IT Forum. This helps us to make better and informed decisions to reach our business goals…"
"The knowledge from other people on what they are doing/have done is invaluable to my team."
"The workshop validated the marketplace for supplier apps; participants were of a uniformly high standard; personally, I value highly the ethos of the Forum in the fact that it is supplier independent"