The secure acquisitions policy puts protocols in place for acquiring information systems to ensure that expenditures are made in as wise a manner as possible in regards to the provisioning of IT security. Such protocols are critical to ensuring that purchases are not made that undermine defined corporate security requirements. The secure acquisitions policy minimizes risks to security and ensures that extra purchases are not required to re-establish an appropriate security level.
Risks addressed by this policy:
- Extra corporate acquisitions costs
- Reduced security capabilities