Assignment Task: Create a Software Procurement Policy List
You've reviewed the organization's policies for software development methods. Now it's time to create a policy list for software procurement. The following are some sample questions to be included in a software procurement policy:
1. Does the vendor provide any cybersecurity certi?cations with the product?
2. Does the vendor provide access to the source code for the product? Are there other security issues in source code to be addressed?
3. What is the guaranteed frequency of security updates to be provided for the product?
4. What is the implementation process for software updates/upgrades?
What are additional questions or concerns that should be included in the procurement process? Create a table or spreadsheet that lists recommended policies to properly address these questions or concerns.
Use the Procurement Policy Template to list the cybersecurity implications related to procurement and supply chain risk management and submit your results for feedback.