Policy Report | September 13, 2016

Purchasing Secure ICT Products and Services: A Buyers Guide

This Buyers Guide is intended to help the buyers, suppliers, and users of information and communications technologies better understand and address the cybersecurity and privacy risks inherent in information and communications technology (ICT) products and services. These individuals include senior executives and members of their governing boards and parent organizations, chief information and information security officers, risk management professionals, acquisition officers, insurers, auditors, other third-party risk evaluators, and design, manufacturing and supply chain professionals. The Guide provides these three overarching recommendations for ICT buyers and suppliers:

1. Engage in a dialogue about risk management.

2. Use questions in this Guide to frame the dialogue.

3. Rely on international standards to increase confidence in the results.

Read the full report here.

The official press release is available here.