Study to assess security providers


Study to assess security providers

The Government is seeking the views of Computer Weekly readers in a study to assess the performance of IT security consultants and service providers.

The investigation, by the Department of Trade & Industry (DTI), aims to assess whether IT users are happy with the service or whether action is needed to improve confidence in the sector.

"Trust is essential to the new economy and providers of security services have a special responsibility to establish trust. The DTI sees this exercise as an opportunity to take stock," said study co-ordinator Geoff Smith.

The investigation follows a series of conflicting claims by government ministers about the impact of a new piece of legislation, the Private Security Industry Act on security consultants.

Although the Act was intended to regulate the physical security industry, including security guards, and nightclub bouncers, ministers have refused to rule out its use to regulate the IT security industry.

The study, which is being compiled by security consultant Chris Sundt, aims to establish how IT users can satisfy themselves that the consultants they use are trustworthy and competent, and whether any initiatives are needed to improve confidence in the sector.

"We are trying to answer basic questions. What do people think the information security industry encompasses? What skills are relevant? Should it include organisations that offer managed services?" said Sundt.

Tell the DTI what you think of security consultants and service providers
How do you ensure that security consultants you hire or contract out are competent?

2. How do users address these questions when selecting an information security service provider directly or as part of an outsourced service?

3. Are you aware of any qualifications or accreditation schemes that could help you identify the competence of service providers?

4. Would additional qualifications give you greater confidence?

5. What range of skills do you consider information security to cover, from high-level policy and risk assessment through to configuring products?

6. What initiatives could be introduced to create greater confidence in IT security consultants and service providers?

7. Have you ever suffered loss or damage through the incompetence of IT security consultants or service providers or from rogue security consultants or providers ?

Send your comments, name, contact details, position and the name of your organisation to:

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

This was first published in August 2001


COMMENTS powered by Disqus  //  Commenting policy