Building Secure Software
Supply Chain Risk and Software Acquisition
The goal of this Supply chain and software acquisition domain is to provide the learner knowledge to ensure that the software developed in a supply chain is secure. The learner will learn some of the industry standards and practices that must applied to provide a high level of assurance that the supply chain is secure – both upstream and downstream. In addition to the practices discussed in previous modules the learner will understand how to assess supplier practices, installation and deployment, monitoring considerations for suppliers, identify risks, and understand the use of contractual obligations for suppliers.
After completing this domain, participants will be able to:
- Understand the complexity and issues surrounding supply chain security
- Describe the industry standards that are used to in securing the supply chain.
- Take the steps necessary for assessing a supplier’s security practices.
- Describe a process for ensuring the software from a supplier is securely delivered and deployed.
- Gain the confidence to certify supplier delivered software
- DOMAIN 8 - SUPPLY CHAIN AND SOFTWARE ACQUISITION
- Supplier risk assessment
- Intellectual property and legal compliance
- Supplier sourcing
- Software development & test
- Software delivery, operations & maintenance
- Supplier transitioning
- Domain 8 Practice Questions
- END & FEEDBACK
- Course Feedback