Issues with IT Outsourcing

Many organizations consider it is a good practice to conduct security audit for newly developed systems to ensure if suitable and adequate security controls are built and implemented.  The audit however is usually done at very late stage of the development cycle.  In many cases, security weaknesses identified at this stage are difficult and costly (if not impossible) to be fixed because these may affect the overall architectural design of the system. This subsequently

• causes project delay;
• incurs unnecessary cost for rework or implementing additional compensation controls; and
• at the worst scenario, operates the new system at a lower security level.

Organizations always feel helpless and consider lost control of the whole outsourcing process.  In fact, IT outsourcing requires a totally different set of skills and knowledge from project or services scoping, requirement definition, tender specification, supplier evaluation, contract arrangement to quality assurance and performance monitoring. 

How HKPC can help?

HKPC consultant is very experienced in information security and understands the system development cycle very well. We have developed our unique methodology to ensure security features of a new system are assessed, evaluated, designed, built and properly implemented. Our proven methodology help ensures

• a comprehensive consideration of security to a new system at the early stage of the development cycle;
• appropriate security features are properly designed, built and implemented; and
• the implemented security features are effectives as expected.

Contact Us

If you would like to know the information security status of your organization or you just want to know more about our services, please do not hesitate to contact us. Our consultants will be very willing to help.