One Article Review
| Source |  NoticeBored |
|---|---|
| Identifiant | 4490303 |
| Date de publication | 2022-04-22 09:26:38 (vue: 2022-04-21 22:05:27) |
| Titre | Professional services - preliminaries |
| Texte | Yesterday I proposed a guideline on the information risk, security and privacy aspects of professional services. I introduced a simplistic 3-phase model for the business relationship through which one or more professional services assignments are delivered and consumed.  Today, I'm exploring the preliminary phase.Before professional services are delivered, client and provider form a business relationship. They determine the professional services required and offered, and of course negotiate the commercial arrangements. They also have the opportunity to decide how the services are to be provided, and how both the assignment/s and the business relationship are to be managed.Contracting is an important control in its own right with significant information and commercial risks associated. The contract may for instance: Be inappropriate for either organisation, the relationship and/or the professional service/s; Be informal, undocumented, invalid and hence unenforceable;Bypass or shortcut due process;Be uneconomic for either party; Be unfair, biased and perhaps unethical;Lead to problems if an assignment fails or the whole relationship turns sour, perhaps as a result of an incident. Contracting is a chance for both organisations to think forward, discuss and agree the governance, management, compliance, security/privacy, control and assurance needed for the remainder of the professional services lifecycle (both phases!). It may be infeasible, later on, to modify the terms or specify additional requirements and the associated arrangements for integrity, confidentiality, incident management etc., especially if relationship issues arise.Also at this stage, client and provider conduct some form of due diligence checks on each other, exploring factors such as solvency, competence, qualifications, certifications and reputations. The manner in which both parties participate in this phase can be a valuable predictive indicator - a big clue as to how things are likely to pan out later e.g.:Appreciation of the each party's capabilities and concerns, plus their common interests in making a commercial success of the planned assignment/s and the business relationship as a whol |
| Envoyé | Oui |
| Condensat | given the today :appreciation ;more actions actively additional addressed advice agree ahead all already also and/or any anything appointing are area arise arrangements aspects assignment assignment/s assignments associated assuming assurance authority background before believe biased big bode both budding business can capabilities capable cases certifications chance checklist checklists checks clearly client clue commercial commitments;the common communications competence compliance comply concerns conditions conduct confidentiality consider consumed contract contracting contracts control controls coupled course cultural data decide decisions deliver delivered depth/volume descriptions;the details determine diligence disciplinary discuss discussions doesn doing dominate downplayed draft due each either else employment especially etc even expertise exploit exploring fact factors fails fit flexibility form formality formally forward gdpr generally goes going governance guaranteed guideline have help hence here how imbalance implications important inappropriate incident independently indicator infeasible informal information instance instance: integrity interest interests introduced invalid involved issues its know knows lack later laws legal let lifecycle likely lot main make making managed management manner may maybe misfit model modify modifying monitored more nature needed needs neglected negotiate not note now off offer offered one only opportunity organisation organisations other ought out outline own pan participate parties party party; be perhaps phase phases planned plus positive potentially power pragmatic predictive preliminaries preliminary presume privacy problems process;be professional professionalism proposed provide provided provider qualifications quality quite recruitment refine regs relationship relationship: relevance remainder reputations required requirements requiring resolving result right risk risks security security/privacy service service/s; be services setting shortcut significant signs simple simplistic simply solvency some sour space specialist specifically specified specify speed stage standard straightforward stuff style success such suggests supplier support terms there things think those through together turns typically undocumented uneconomic unenforceable;bypass unethical;lead unfair valuable variation various very vulnerability well what whatever which whole whole;the will willingness wording work worrying would yesterday your |
| Tags | Vulnerability Guideline |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.