An external review of Managed Security Operations contracts rebalanced risk for a large paper company.
Opportunity
After selecting a provider from a Request for Proposal process that solicited commercial, technical and operational proposals, a paper manufacturer wanted a fresh set of eyes on the Managed Security Operations contracts before signing. ISG was called in to take a final look and ensure the negotiated deals met all industry best practices.
Imagining IT Differently
ISG assessed the scope, contract terms and pricing, and highlighted recommendations to improve commercial proposals and reduce risk. By using its Mark-to-Market process, ISG confirmed the service provider’s pricing was competitive but also found areas where the provider’s scope of work was noncommittal. ISG came up with specific best-practice contract language to assure ongoing and sound cyber security practices.
Future Made Possible
- ISG sorted through the provider’s complex approach to uncover several escapes the provider had built in for itself.
- ISG offered rewording to sections of the contract that shifted risk from the provider to the client.
- Rebalancing the risk brought the client peace of mind.
