One Article Review
| Source |  NoticeBored |
|---|---|
| Identifiant | 4499057 |
| Date de publication | 2022-04-24 12:23:00 (vue: 2022-04-24 01:05:28) |
| Titre | Professional services - concluding phase |
| Texte |  Having introduced this blog series and covered information risks applicable to the preliminary and operational phases of a professional services engagement, it's time to cover the third and final phase when the engagement and business relationship comes to an end.Eventually, all relationships draw to a close. Professional services clients and providers go their separate ways, hopefully parting on good terms unless there were unresolved disagreements, issues or incidents (hinting at some information risks).It is worth considering what will/might happen at the end of a professional services engagement as early as the preliminary pre-contract phase. Some of the controls need to be predetermined and pre-agreed in order to avoid or mitigate potentially serious risks later-on. Straightforward in principle ... and yet easily neglected in the heady rush of getting the engagement going. This is not unlike a couple drawing up their "pre-nup" before a wedding, or a sensible organisation making suitable business continuity arrangements in case of severe incidents or disasters ahead. A potentially significant information risk in the concluding phase stems from the inappropriate retention by either party of [access to] confidential information obtained or generated in the course of the engagement - whether commercially sensitive or personal information. Imagine the implications of, say, a law firm being hit by a ransomware attack, office burglary or insider incident, giving miscreants access to its inadequately-secured client casework files and archives. Meta-information about the engagement, assignment/s and contracts may also be commercially-sensitive, for instance if the supplier deliberately under-priced the contract to secure the business and gain a foothold in the market, only to find it uneconomic to deliver the contracted services - a decidedly embarrassing situation if disclosed.Information risks in this phase are amplified if the relationship e |
| Envoyé | Oui |
| Condensat | having 0cm 0pt; 4pt 4pt; about access achieves advice agreed ahead alignment all also alt:0cm amplified ansi answering applicable archives are arises arrangements aspects assignment/s assurance attack audits avoid avoided badly been before being beneficial better between bitterly blog brand burglary business but cambria can case casework cause changes checklists client clients close closeness colband comes commercially complain complete compliance concluding confidential considering continuity contract contracted contracts controls conversely could/should couple course cover covered criticise damage decidedly definitions deliberately deliver details detrimental dimension disagreements disasters disclosed discuss dispute drafting draw drawing dropped each earlier early easily either embarrassing emerge end endorsements ends engagement engenders etc ethical even eventually expectations exploitation false family: fareast files final find firm font foothold forward from further future gain gained generated getting giving going good governance gte guards guideline handled happen harms have heady here hinting hit hopefully imagine impacts impart implications improve inadequately inappropriate incident incidents information insider instance introduced involved iso27k issues its justified knows language:en later law lead leading learn learnt least lessons little made makes making managed management margin:0cm; market may mentioned meta miscreants mitigate mitigated more mso msonormaltable name: need neglected neutral none normal noshow:yes; not note nup obtained office old only operational opportunities opportunity order organisation orphan; other out outcomes padding pagination:widow para parent: parting party perhaps persistent personal perspective phase phases plenty policies posing positive possible post potential potentially pragmatic pre predetermined preliminary previously priced principle prior priority:99; procedures professional provider providers questions raising ransomware reasonable references refusing relationship relationships reminding repeating reputations retention reviews risk risks rowband rush say secure secured security sensible sensitive separate series serif; serious services severe should significant simplified simply situation size:0; size:10 some stake standard stems straightforward strategies studies style such suitable supplier table terms than that them then things third those threats time touch truly trust tstyle under uneconomic unless unlike unresolved us; value very vulnerabilities vulnerable wait way ways wedding well went what when whether which who will will/might words worth wounds yet you |
| Tags | Ransomware Guideline |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.