Cybersecurity » Legal and IT Procurement Must Cooperate

Legal and IT Procurement Must Cooperate

February 24, 2016

Corporations trying to adopt best practices have evolved an interdependent and interdisciplinary arrangement, where IT Supply Chain, commonly called IT Procurement, becomes the front-end/gating function for contract analysis. “Procurement” acts like paralegals, but with extensive training in supply chain disciplines and contract drafting. To properly fulfill its mission, procurement also must have specific IT knowledge.

Meanwhile, in-house counsel sets high-level contract standards. It’s nearly impossible, however, to keep up with the evolving technical environment. Legal can set specific standards for such things as liabilities, indemnities and insurance, but it cannot effectively do the same in detailed technical areas.

Legal might reasonably worry about due diligence and losing control of contract standards. With the emphasis on risk mitigation and loss prevention based on Sarbanes Oxley and Gramm-Leach-Bliley considerations, there is concern that allowing IT Procurement to do more direct contracting with software/service vendors would create unacceptable liabilities. But that concern can be addressed by ongoing close cooperation and open communication between Legal and IT Procurement.

Legal departments must acknowledge the changing IT procurement landscape. An evolving cooperative review-sharing arrangement between Legal and IT Procurement benefits all parties. It preserves Legal’s influence over key IT contract standards, but leverages IT Procurement’s technical knowledge.This arrangement enables the business to get its technical contracts reviewed more quickly and can make a better internal case for intelligent delays, especially where cloud contracts fall short in areas of cyber and data security standards.

Read full article at:

Share this post: