Borrow it
- African Studies Library
- Alumni Medical Library
- Astronomy Library
- Fineman and Pappas Law Libraries
- Frederick S. Pardee Management Library
- Howard Gotlieb Archival Research Center
- Mugar Memorial Library
- Music Library
- Pikering Educational Resources Library
- School of Theology Library
- Science & Engineering Library
- Stone Science Library
The Resource Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks
Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks
Resource Information
The item Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks represents a specific, individual, material embodiment of a distinct intellectual or artistic creation found in Boston University Libraries.This item is available to borrow from all library branches.
Resource Information
The item Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks represents a specific, individual, material embodiment of a distinct intellectual or artistic creation found in Boston University Libraries.
This item is available to borrow from all library branches.
- Summary
- The Department of Defense (DoD) is increasingly reliant on software and information systems for its weapon capabilities, and DoD prime contractors are subcontracting more of their software development. The increased reliance on software and a greater number of suppliers results in more opportunities to exploit vulnerabilities in defense software. In addition, DoD has reported that countries hostile to the United States are focusing resources on information warfare strategies. Therefore, software security, including the need for protection of software code from malicious activity, is an area of concern for many DoD programs. DoD acquisition and software security policies do not fully address the risk of using foreign suppliers to develop weapon systems software. The current acquisition guidance allows program officials discretion in managing foreign involvement in software development, without requiring them to identify and mitigate such risks. Moreover, other policies intended to mitigate information systems vulnerabilities focus mostly on operational software security threats, such as external hacking and unauthorized access to information systems, but not on insider threats, such as the insertion of malicious code by software developers. Recent DoD initiatives may provide greater focus on these risks, but to date have not been adopted as practice within DoD. GAO was asked to examine DoD's efforts to identify software development suppliers, and manage risks related to foreign involvement in software development on weapon systems. To address software vulnerabilities and threats, GAO recommends that DoD better define software security requirements and require program managers to mitigate associated risks accordingly. DoD agreed with the findings but only partially concurred with the recommendations over concerns that they place too much responsibility for risk mitigation with program managers. GAO has broadened the recommendations to address DoD's concerns
- Language
- eng
- Extent
- 34 pages
- Note
- Report to Congressional Requesters. The original document contains color images
- Label
- Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks
- Title
- Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks
- Subject
-
- Administration and Management
- Classified materials
- Coding
- Computer Programming and Software
- Contract administration
- Contractors
- Cyberterrorism
- Department of defense
- Foreign
- Government(foreign)
- Information systems
- Information warfare
- Logistics, Military Facilities and Supplies
- Military procurement
- Policies
- Project management
- Protection
- Requirements
- Risk management
- Security
- Software engineering
- Threats
- Vulnerability
- Weapon systems
- Language
- eng
- Summary
- The Department of Defense (DoD) is increasingly reliant on software and information systems for its weapon capabilities, and DoD prime contractors are subcontracting more of their software development. The increased reliance on software and a greater number of suppliers results in more opportunities to exploit vulnerabilities in defense software. In addition, DoD has reported that countries hostile to the United States are focusing resources on information warfare strategies. Therefore, software security, including the need for protection of software code from malicious activity, is an area of concern for many DoD programs. DoD acquisition and software security policies do not fully address the risk of using foreign suppliers to develop weapon systems software. The current acquisition guidance allows program officials discretion in managing foreign involvement in software development, without requiring them to identify and mitigate such risks. Moreover, other policies intended to mitigate information systems vulnerabilities focus mostly on operational software security threats, such as external hacking and unauthorized access to information systems, but not on insider threats, such as the insertion of malicious code by software developers. Recent DoD initiatives may provide greater focus on these risks, but to date have not been adopted as practice within DoD. GAO was asked to examine DoD's efforts to identify software development suppliers, and manage risks related to foreign involvement in software development on weapon systems. To address software vulnerabilities and threats, GAO recommends that DoD better define software security requirements and require program managers to mitigate associated risks accordingly. DoD agreed with the findings but only partially concurred with the recommendations over concerns that they place too much responsibility for risk mitigation with program managers. GAO has broadened the recommendations to address DoD's concerns
- Cataloging source
- DTICE
- Index
- no index present
- Literary form
- non fiction
- http://library.link/vocab/relatedWorkOrContributorName
-
- Neumann, John
- Mullins, Brian
- Cohen, Delores
- Oakley, Shelby S
- Miller, Christopher
- Middleton, Gary
- Ahearn, Marie
- GOVERNMENT ACCOUNTABILITY OFFICE WASHINGTON DC
- http://library.link/vocab/subjectName
-
- Software engineering
- Foreign
- Contract administration
- Security
- Military procurement
- Risk management
- Weapon systems
- Requirements
- Vulnerability
- Coding
- Cyberterrorism
- Project management
- Information warfare
- Classified materials
- Protection
- Contractors
- Government(foreign)
- Threats
- Information systems
- Department of defense
- Policies
- Administration and Management
- Computer Programming and Software
- Logistics, Military Facilities and Supplies
- Label
- Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks
- Note
- Report to Congressional Requesters. The original document contains color images
- Carrier category
- online resource
- Carrier category code
-
- cr
- Carrier MARC source
- rdacarrier
- Content category
- text
- Content type code
-
- txt
- Content type MARC source
- rdacontent
- Extent
- 34 pages
- Form of item
- online
- Governing access note
- APPROVED FOR PUBLIC RELEASE
- Media category
- computer
- Media MARC source
- rdamedia
- Media type code
-
- c
- Note
- Hein Online
- System control number
-
- (OCoLC)227938387
- (OCoLC)ocn227938387
- Label
- Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks
- Note
- Report to Congressional Requesters. The original document contains color images
- Carrier category
- online resource
- Carrier category code
-
- cr
- Carrier MARC source
- rdacarrier
- Content category
- text
- Content type code
-
- txt
- Content type MARC source
- rdacontent
- Extent
- 34 pages
- Form of item
- online
- Governing access note
- APPROVED FOR PUBLIC RELEASE
- Media category
- computer
- Media MARC source
- rdamedia
- Media type code
-
- c
- Note
- Hein Online
- System control number
-
- (OCoLC)227938387
- (OCoLC)ocn227938387
Subject
- Administration and Management
- Classified materials
- Coding
- Computer Programming and Software
- Contract administration
- Contractors
- Cyberterrorism
- Department of defense
- Foreign
- Government(foreign)
- Information systems
- Information warfare
- Logistics, Military Facilities and Supplies
- Military procurement
- Policies
- Project management
- Protection
- Requirements
- Risk management
- Security
- Software engineering
- Threats
- Vulnerability
- Weapon systems
Library Locations
-
African Studies LibraryBorrow it771 Commonwealth Avenue, 6th Floor, Boston, MA, 02215, US42.350723 -71.108227
-
-
Astronomy LibraryBorrow it725 Commonwealth Avenue, 6th Floor, Boston, MA, 02445, US42.350259 -71.105717
-
Fineman and Pappas Law LibrariesBorrow it765 Commonwealth Avenue, Boston, MA, 02215, US42.350979 -71.107023
-
Frederick S. Pardee Management LibraryBorrow it595 Commonwealth Avenue, Boston, MA, 02215, US42.349626 -71.099547
-
Howard Gotlieb Archival Research CenterBorrow it771 Commonwealth Avenue, 5th Floor, Boston, MA, 02215, US42.350723 -71.108227
-
-
Music LibraryBorrow it771 Commonwealth Avenue, 2nd Floor, Boston, MA, 02215, US42.350723 -71.108227
-
Pikering Educational Resources LibraryBorrow it2 Silber Way, Boston, MA, 02215, US42.349804 -71.101425
-
School of Theology LibraryBorrow it745 Commonwealth Avenue, 2nd Floor, Boston, MA, 02215, US42.350494 -71.107235
-
Science & Engineering LibraryBorrow it38 Cummington Mall, Boston, MA, 02215, US42.348472 -71.102257
-
Embed
Settings
Select options that apply then copy and paste the RDF/HTML data fragment to include in your application
Embed this data in a secure (HTTPS) page:
Layout options:
Include data citation:
<div class="citation" vocab="http://schema.org/"><i class="fa fa-external-link-square fa-fw"></i> Data from <span resource="http://link.bu.edu/portal/Defense-Acquisitions-Knowledge-of-Software/s553qbnffJs/" typeof="Book http://bibfra.me/vocab/lite/Item"><span property="name http://bibfra.me/vocab/lite/label"><a href="http://link.bu.edu/portal/Defense-Acquisitions-Knowledge-of-Software/s553qbnffJs/">Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks</a></span> - <span property="potentialAction" typeOf="OrganizeAction"><span property="agent" typeof="LibrarySystem http://library.link/vocab/LibrarySystem" resource="http://link.bu.edu/"><span property="name http://bibfra.me/vocab/lite/label"><a property="url" href="http://link.bu.edu/">Boston University Libraries</a></span></span></span></span></div>
Note: Adjust the width and height settings defined in the RDF/HTML code fragment to best match your requirements
Preview
Cite Data - Experimental
Data Citation of the Item Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks
Copy and paste the following RDF/HTML data fragment to cite this resource
<div class="citation" vocab="http://schema.org/"><i class="fa fa-external-link-square fa-fw"></i> Data from <span resource="http://link.bu.edu/portal/Defense-Acquisitions-Knowledge-of-Software/s553qbnffJs/" typeof="Book http://bibfra.me/vocab/lite/Item"><span property="name http://bibfra.me/vocab/lite/label"><a href="http://link.bu.edu/portal/Defense-Acquisitions-Knowledge-of-Software/s553qbnffJs/">Defense Acquisitions: Knowledge of Software Suppliers Needed to Manage Risks</a></span> - <span property="potentialAction" typeOf="OrganizeAction"><span property="agent" typeof="LibrarySystem http://library.link/vocab/LibrarySystem" resource="http://link.bu.edu/"><span property="name http://bibfra.me/vocab/lite/label"><a property="url" href="http://link.bu.edu/">Boston University Libraries</a></span></span></span></span></div>
