This Standard specifies security requirements for use where a contract between two parties requires the demonstration of a supplier`s capability to implement and/or operate a computer system, such as in an outsourcing arrangement, which enforces information confidentiality, integrity, and availability.It applies equally to system acquisition, where the two parties are the system purchaser and the supplier; to facilities management, where the two parties are the system owner (purchaser) and the facilities management provider (supplier); or internal provision of systems and services, where the two parties are the organization`s business units (purchasers) and the organization`s data processing unit (supplier).
- Published:
- 07/20/1995
- Number of Pages:
- 12
Reviews
There are no reviews yet.