Evaluation Of Information Security Consultants

1766 Words8 Pages
The purpose of the study was to evaluate the specifications of information security consultants to become strategic partners in assisting a reduction of information or security risks. This study also examined omitted factors in the specifications that add value to the selection process. The results identified the importance of each factor, and the additional value added in consideration of the factors for selection of a strategic partner assisting in the reduction of information or security risks. Evaluating Information Security Consultant Specifications This paper provides an evaluation of the specifications of information security consultants in becoming a strategic partner in the reduction of information or security risks. An…show more content…
For the given organization, it is important to evaluate key factors for the specifications of information security consultants, as strategic partners. The following sections provide information regarding this evaluation. Specifications As noted by the National Research Foundation (1991), specifications describe software components, written by information security consultants to provide organizations precise, easy-to-read, module-level documentation of interfaces. Specifications facilitate system design, integration, and maintenance, and encourage reuse of modules. Further, as noted by Hackney (2011), specifications provide clarity and deeper understanding by encouraging prompt attention to inconsistencies, incompleteness, and ambiguities. The specifications are important aspects in assisting in the reduction of risk, as once written, they are helpful to users including the auditors, implementers, and maintainers. According to Hackney (2011), during system auditing, specifications provide information used to generate test data, build stubs, and analyze information flow. During system integration, they reduce the number and severity of interfacing problems by reducing the number of implicit assumptions. Specifications are usually much easier to understand than are implementations—thus combining specifications is less work than combining implementations. By relying upon those properties guaranteed
Open Document