ABSTRACT
For all intents and purposes, the successful building of acquirer—supplier relationships serves as a foundation and basis for successful completion of any information and communication technology (ICT) system development project. This chapter provides the structure of the International Standards Organization (IEC)/ 12207 standard and its relevance to supply chain risk management. ICT organizations have implemented a standard that is relevant to the definition of robust acquisition assurance infrastructure at the conceptual level. 12207 activities encompass all of the tasks pertaining to the management of the system life cycle necessary to establish the full scope of development, maintenance, and use of ICT products and services. As each 12207 standard process has a defined activity that initiates activities performed during the ICT life cycle, each also contains an activity that draws a conclusion to a group of activities. The processes are developed directly from the acquisition plan, and they describe the specific steps required to ensure the security of the product or service.
