I think outsourcing and offshoring should not be seen as threats but as sources of threats if these activities are not properly supervised. The standards ISO / IEC 27001 and 27002 provide the framework for these activities in terms of cyber security:
Continuer la lecture de « Outsourcing, Offshoring & vulnerabilities »