Software Assurance. Software Acquisition Working Group. Chairs: Stan Wisseman (Booz Allen Hamilton) and Mary L. Polydys (National Defense University, Information Resources Management College). Needs for Software Assurance.
Strengthen operational resiliency
“Supply chain introduces risks to American society that relies on Federal Government for essential information and services.”
“Scope of Supplier Expansion and Foreign Involvement” graphic in DACS (www.softwaretechnews.com), Secure Software Engineering, July 2005, article “Software Development Security: A Risk Management Perspective”; synopsis of May 2004 GAO-04-678 report “Defense Acquisition: Knowledge of Software Suppliers Needed to Manage Risks”
**NCSD Objective/Action 1.4.4
During the Contracting Phase, software risks must be addressed and mitigated through terms and conditions, evaluation factors for award, and risk mitigation requirements in the SOW
During the Implementation and Acceptance Phase, software risk management deliverables must be evaluated to determine compliance with accepted risk mitigation strategies as stated in the requirements of the contract
During the Follow-on Phase, software risks must be managed through continued analysis of risk and readjustment of risk mitigation strategies