Steelcase Inc, a US office furniture maker, outsourced its IT security function. As potential outsourcers took the position that liability for damages for security failure would rest with Steelcase, the company scrutinised the resumes of the staff of potential outsourcers to make the best decision on a supplier. Steelcase negotiated with the chosen supplier and reached agreement on three levels of change control - standard, unusual and problematic. When changes were requested in the security in...

BPIR Categories

10.3.1 Establish systems security strategies & levels
10.5.2 Manage information technology facilities.

Unlock this article and 10,000+ more

To get the most out of our extensive resources, please login or become a member below.