Measure: SecureOutsourcing


Assurance of IT security in case of outsourcing by setting-up appropriate agreements with the respective companies. By these agreements it is guaranteed that also the respective external companies comply with the relevant security guidelines. Thereby it is ensured that emerging risks due to the outsourcing process are minimized.


The agreement should ensure that the commissioned company complies with a sufficiently acknowledged security standard (e.g. the German IT-Grundschutz [IT-Basic Protection]).

Event source type

Event type

Risk reduction mechanism

Threat Types

Action characteristics

Event Consequences