Up One Level


Vendor Support

 

Vendor support can be a major source of risk to Information Security. Although a system may meet functional requirements, if the vendor does not have adequate support arrangements e.g. an office within the same state, or even country, you should question this aspect most carefully. Vendors will always play down this aspect, for they wish to make the sale. However, your system and hence your information, is at risk if you are unable to obtain adequate support within a reasonable time frame.

Where a vendor does not maintain a support office within reasonable distance, an acceptable alternative is to arrange for priority telephone support. However, for this to work, it is often imperative that you maintain systems staff who are capable of diagnosing the issue and discussing the problem with the vendor's technical staff. In general users would not always be able to do this; not always because of their lack of technical knowledge about their system, but because they may also need knowledge of the operating system and the networking environment.

In general, maintaining a Service Level Agreement (SLA) with the vendor of your key operational systems is a necessary expense.


*** The Information Security Glossary ***
Previous PageTop of this pageNext Page



Buy Now:

 

This Glossary forms part of the RUsecure Security Policy Suite... visit RUsecure Security Policy World
Use of the guidance contained within RUsecure™ is subject to the End User Licence Agreement
This site created with EasyHTMLHelp(tm) for MS Word
 Risk Associates: Resources for Security Risk Analysis, ISO 17799 / BS7799, Security Policies and Security Audit