Acquiring Vendor Developed Software

Acquiring software that is provided by outside suppliers, either as a package or as a bespoke development to meet the specific needs of your organisation.

To view the related Policy click      

  • The expected features of the software (the 'functionality'), if missing or inadequate, can make it difficult or impossible to meet the targets for the system in question.

  • Do not accept a vendor's verbal assurances without evidence. Present your requirements in a User Requirements Specification document and request written confirmation by the vendor.
  • Conduct a full review before acquisition. Avoid 'impulse purchases'.
  • Consider speaking to existing customers for their views. Be sceptical if the vendor is reluctant to provide a client list. This may be for valid reasons of Information Security or may indicate a deeper problem.
  • Inadequate support by the vendor can make it difficult, or impossible, to operate the system as expected thus compromising your business operations.

  • Where possible, select a vendor whose support services offer a rapid response; either on-site response and / or by telephone.
  • Vendor support levels should be specified in the purchase contract. See Service Level Agreement.
  • The performance and, where appropriate, the functionality of the software package should be the specified in the contract.

 

 
Previous PageTop of this pageNext Page

Information Security Policies from US$595

 From
 US$595

For further information about the RUsecure interactive security policies, visit Information Security Policy World
Use of the guidance contained within RUSecure™ is subject to the End User Licence Agreement
Sponsor: ISO 17799 Directory
This site created with EasyHTMLHelp(tm) for MS Word

 

Next PageUpPrevious Page