A primary objective for this content area is to raise acquirers’ awareness of their role in “building security in” for major software-intensive systems. The initial articles describe an acquisition life-cycle framework for security activities, products, and reviews and for selected acquisition contexts and life cycle phases. The authors provide additional guidance on methods and resources for acquirers to identify and manage security risks, with the goal of producing systems that are sufficiently robust to assure mission success.
|System-of-Systems Influences on Acquisition Strategy Development||2013-07-02||Rita Creel, Robert J. Ellison|
|Supply-Chain Risk Management: Incorporating Security into Software Development||2013-07-02||Carol Woody, Robert J. Ellison|
|Finding a Vendor You Can Trust in the Global Marketplace||2013-07-02||Art Conklin, Dan Shoemaker|
|Assuring Software Systems Security: Life Cycle Considerations for Government Acquisitions||2013-07-02||Rita Creel|
|Building Security into the Business Acquisition Process||2013-07-02||Dan Shoemaker|
|A Systemic Approach for Assessing Software Supply-Chain Risk||2013-05-14||Audrey Dorofee, Carol Woody, Christopher Alberts, Rita Creel, Robert J. Ellison|
|Acquisition Overview: The Challenges||2013-05-14||Rita Creel, Robert J. Ellison|