Acquisition process
Acquisition process = the steps an organization follows to get new systems, software, or services in a secure way.
• It’s not just about buying — it means making sure what you buy is safe, trusted, and meets security requirements.
• Includes things like: checking vendors, reviewing contracts, verifying security controls, and making sure the product won’t introduce new risks.
✅ Example:
If a company wants new cloud storage, the acquisition process would cover:
1. Picking a vendor.
2. Checking if the vendor has good security (encryption, compliance, etc.).
3. Making sure contracts include security responsibilities.
4. Approving and deploying it safely.
Is accusations _due diligence
Acquisition process = due diligence + approval + secure deployment.
-
Definations10
-
Zero Trust Model Concepts2
-
Risk management terms5
-
data governance6
-
Data Protection and Privacy Techniques6
-
disaster recovery and business continuity metrics5
-
Policy And Procedure2
-
access control models4
-
common vulnerabilities/attacks2
-
Exception and exemption2
-
DLP (Data Loss Prevention)1
-
Dmark, Dkim, Spf4
-
DDS Attacks4
-
What Is TableTop Excersise1
-
Cross Site Frogery And Cross Site Scripting3
-
Brute Force Attack And Password Spraying Attack3
-
Posture assessment1
-
Bloatware And Fileless Malware3
-
Acquisition process2
-
Risk Assessment, Risk Reporting, Risk Registry4
-
Key Escrow2
-
Jump Server (or Jump Box)2
-
Log Aggregation1
-
Granular Access Control1
-
Regulated Data And Confidential Data2
-
Actonyms2
-
Network Tap1
-
Preservation1
-
Chain Of Custody1
-
Jurnaling1
-
Gard rails in context of automation ?1
-
BPA and MOA1
-
Initializatio Victor, Block Cipher And Stream Chiper3
-
governance and risk management:4
-
Session Hijacking1
-
Software Development Life Sycle1
-
Secure Baseline1
-
Keystrwching1
-
BPA, MOA,SLA4
-
Cluster computing?1
-
Ad hoc assessment?1
-
RTOS real time operating systems?1
-
SwGs( secure web gateway)?1
-
Embaded systems?1
-
Whaling ?1
-
SASE?1
-
IP Sec And eAP2
-
LDAP1
-
Netflow1
-
Cloning ?1
-
Whailing?1
-
Passkey?1
-
Password vault?1
-
Audit trails in incident response ?1
-
Data sovereignty?1
-
TLS?1
-
Procurement process ?1
-
End of life voinerblite and lagecy?1
-
IaC , inferstrwctur as a code1
