O-TTPF White Paper and Best Practices

Printer-friendly version

A framework for a more trusted and secure global supply chain

Governments and large enterprises are cognizant and appreciative of the benefits of globalization. At the same time, they recognize their increasing reliance on commercial off-the-shelf (COTS) information technology (IT) components (software and hardware) to deliver mission critical operations.

As cyber attacks increase in sophistication, stealth and severity, governments and larger enterprises have also begun to take a more comprehensive approach to risk management and product assurance. In addition to enhancing information security by improving security practices across the enterprise, governments and enterprises have begun inquiring about the practices their IT vendors use to protect the integrity of their products and services as they move through the global supply chain.

Reducing the risks of global product development

Governments and commercial consumers have expressed specific interest in understanding how vendors manage the risks inherent in globalized product development and manufacturing and in the supply chains they employ.

To address these concerns The Open Group Trusted Technology Forum (OTTF) is developing a set of best practices in the following areas:

  • Engineering and product development
  • Secure development
  • Supply chain integrity
  • Evaluation methods

This framework of best practices is based on the Open Trusted Technology Provider Framework (O-TTPF) White Paper, published in February 2011.

Once the best practices are completed, the OTTF will define conformance criteria and an accreditation program so that vendors around the globe who conform to the best practices can be identified as Trusted Technology Providers. This will enable customers to buy with confidence from Trusted Technology Providers, and vendors to build with integrity by partnering with Trusted Technology Providers in their global supply chains. Both IT customers and vendors will benefit from:

  • Reduced risk
  • Protection of operational assets
  • Reduced compliance costs

You can view or download the O-TTPF White Paper free from The Open Group Publications Catalog