Conduct Internet research on different vendor assessments. Some organizations use checklists while others just utilize an outline of sorts that could be developed into a checklist. Remember to look...

Conduct Internet research on different vendor assessments. Some organizations use checklists while others just utilize an outline of sorts that could be developed into a checklist. Remember to look back at your Unit I Outline as you will develop your checklist based on your choice of industries from that assignment: aerospace, healthcare, or government agencies.

Requirements for this checklist include the following:

• a title page containing the company name and your name;


• a checklist of information about the product and/or services and the vendor requirements;


• the threat or risk analysis in which the threats or risks are prioritized, resolutions for project security are correlated, and critical assets are audited to ensure accurate preemptive actions are taken; and


• the reference page, which must include at least three references with one from the CSU Online Library.

Adhere to APA Style when creating citations and references for this assignment. APA formatting, however, is not necessary.

Yourchecklist must be at least one page in length, not including the title and references pages. This checklist will be added to your outline to produce a completed project at the end of the course.

Unit SEC 4320, IS Security Capstone 1 Course Learning Outcomes for Unit II Upon completion of this unit, students should be able to: 1. Compile a vulnerability assessment using the current security posture. 1.1 Prioritize those threats or risks which could affect the security measures of the product or services. 4. Propose a security plan for a project solution. 4.1 Correlate resolutions for the project security strategy. 5. Construct preventative measures to ensure critical assets are secure. 5.1 Audit critical assets to ensure accurate preemptive actions are taken. Course/Unit Learning Outcomes Learning Activity 1.1 Unit Lesson Article: “IT Infrastructure Qualification and System Validation: IT Vendor Perspectives” Unit II Assignment 4.1 Unit Lesson Article: “Finding Vendor Is a Step-By-Step Process” Unit II Assignment 5.1 Unit Lesson Article: “Revisiting Vendor Assessment” Unit II Assignment Required Unit Resources In order to access the following resources, click the links below. Buddeberg, R. (2002, February 18). Finding vendor is a step-by-step process. Marketing News, 36(4), 10. https://search-proquest- com.libraryresources.columbiasouthern.edu/docview/216414961?accountid=33337 Faletra, R. (2013, February 1). Revisiting vendor assessment. CRN: The newsweekly for builders of technology solutions. https://search-proquest- com.libraryresources.columbiasouthern.edu/docview/1288824197?accountid=33337 Gigoo, S. (2007). IT infrastructure qualification and system validation: IT vendor perspectives. Pharmaceutical Technology, 31(1), 60–72. https://link.gale.com/apps/doc/A159643843/AONE?u=oran95108&sid=AONE&xid=4ad32850 UNIT II STUDY GUIDE Vendor Assessment https://search-proquest-com.libraryresources.columbiasouthern.edu/docview/216414961?accountid=33337 https://search-proquest-com.libraryresources.columbiasouthern.edu/docview/1288824197?accountid=33337 https://link.gale.com/apps/doc/A159643843/AONE?u=oran95108&sid=AONE&xid=4ad32850 SEC 4320, IS Security Capstone 2 UNIT x STUDY GUIDE Title Unit Lesson The vendor assessment is one of the many important topics within your request for proposal. The vendor assessment allows for potential and/or recurring vendors to know your requirements regarding how the product or services will be developed. For example, let’s say you are looking for a new vehicle, and your requirements are that it must seat six individuals comfortably and must have air conditioning, heating, power windows, defroster, and a six-cylinder engine that gets at least 20 miles to the gallon. Now that you have your requirements, the next step is to contact and alert the different vendors (car dealerships) that you are in the market for a new car. You personally contact the vendor through email, telephone, or in person at the dealership and provide them with your requirements. The information the vendors (car dealerships) will want to know is the expected delivery date of the new car, preferred car color, type of warranty you want, any accessories you would like, and the maintenance plan you would like. Even the reputation of the dealership factors into the vendors’ assessment and scoring. According to Buddeberg (2002), there are three steps that you should follow when choosing the vendor that you wish to work with:  self-assessment, which helps you determine what you need or do not need and what you might like to have;  vendor assessment, which helps you determine what each vendor offers; and  vendor scoring, which helps you determine which vendor is the best one for your needs. With the information you provided in the self-assessment and the information gathered from the different vendors, you should be able to create a checklist in which you list your product expectations and the services that each vendor provides. In addition, the vendor checklist includes each vendor’s pros and cons, strengths and weaknesses, or certain services the vendor provides that might be a threat (such as a vendor offers a warranty that only covers the first 5,000 miles or the dealership has only a two-and-a-half star rating). From the perspective of information technology, it is recommended that you read the article “IT Infrastructure Qualification and System Validation: IT Vendor Perspectives”. This article provides an insight into vendor assessment for information technology using pharmaceutical technology. The contents of the vendor assessment checklist should include at least the vendor name, purpose, services, accessibility, and maybe a risk level. This checklist should include the requirements for the product and/or services along what is also expected from the vendor. Once the client receives the completed vendor assessment portion of the request for proposal, the client can determine which vendor best fits the specifications to work on the product. The checklist should also address the solutions to any possible threats or risks, what proactive measures to take to avoid or reduce the threats or risks, and, most importantly, how to prioritize the threats or risks for the products or services. As Faletra (2013) mentions, the client should look at a vendor’s cost transfer, a vendor’s motivate versus mandate approach to the economy, and a vendor’s willingness to put all its resources behind the project. Please view the video Better Prices From Suppliers | Cost Saving Purchasing Tips to gain more of an understanding of cost savings. (A transcript and closed captioning are available once you access the video.) As you read through the various articles by Buddeberg (2002), Faletra (2013), and Gigoo (2007) found in the Required Unit Resources section of your study guide, you will see that each author had different ways of looking at vendor assessments. Consequently, there is no wrong or right way for a client to create a vendor assessment. Of course, the only wrong way is not to have a vendor assessment at all. https://link.gale.com/apps/doc/A159643843/AONE?u=oran95108&sid=AONE&xid=4ad32850 https://link.gale.com/apps/doc/A159643843/AONE?u=oran95108&sid=AONE&xid=4ad32850 https://c24.page/juvp6dk3u3kf3gmy4wy48muffh https://c24.page/juvp6dk3u3kf3gmy4wy48muffh SEC 4320, IS Security Capstone 3 UNIT x STUDY GUIDE Title Below is an example of a simplified vendor assessment checklist. Client Vendor Checklist Item Equipment Inventory Facilities Work Experience How Many Employees Equipment/ Applications Needed Maintenance 1. Use and Develop Personally Identifiable Information (PII) 25 Workstations Main Office and Warehouse 2. Security Transmission of PII 3 Servers Main Office and Warehouse 3. Maintain PII Devices 3 Servers Main Office and Warehouse 4. PII Threats Main Office and Warehouse The client needs to utilize personally identifiable information (PII) in order to conduct business within the organization. As with other organizations, the client has a number of workstations and servers but have no other information on how to enable the PII. The client develops a checklist for vendors to determine what work experience they have, to pinpoint how many employees will be needed for this project, and to identify what additional equipment and/or applications will be used. The checklist should also include the maintenance cost for the life of the system. In addition, the vendor should identify the PII threats. This is just a simplified checklist to provide an idea of what vendor assessment documentation looks like. The Internet provides many more examples of vendor assessments, so take advantage of the research on vendor checklists/assessments. References Buddeberg, R. (2002, February 18). Finding vendor is a step-by-step process. Marketing News, 36(4), 10. https://search-proquest- com.libraryresources.columbiasouthern.edu/docview/216414961?accountid=33337 Faletra, R. (2013, February 1). Revisiting vendor assessment. CRN: The newsweekly for builders of technology solutions. https://search-proquest- com.libraryresources.columbiasouthern.edu/docview/1288824197?accountid=33337 Gigoo, S. (2007). IT infrastructure qualification and system validation: IT vendor perspectives. Pharmaceutical Technology, 31(1), 60–72. http://search.ebscohost.com.libraryresources.columbiasouthern.edu/login.aspx?direct=true&db=edb& AN=23841509&site=eds-live&scope=site Course Learning Outcomes for Unit II Required Unit Resources Unit Lesson References