June 23, 2017 - CDW-G is the first Information and Communication Technology (ICT) solutions provider to be certified to The Open Trusted Technology Provider™ Standard (O-TTPS) – ISO/IEC 20243:2015 through the new Self Assessed option of The Open Group O-TTPS Certification Program.
The O-TTPS certification program is one of the first programs aimed at assuring both the integrity of ICT products and the security of their supply chains. The conformance requirements are tailored specifically to technology providers to help reduce the risk of malware-enabled or malware-capable and counterfeit components from making their way into customers’ operating environments. The O-TTPS was developed by The Open Group and in 2015 was submitted through the Publicly Available Specification (PAS) process to ISO/IEC where it was approved as ISO/IEC 20243:2015.
When applying for certification, technology providers can choose their certification scope. CDW is certified for its CDW-G subsidiary, whose core focus is to procure and configure products and solutions for customers from its portfolio of partners. These include Federal civilian, Federal Department of Defense (DOD) and system integrators based in the United States and its authorized territories. In its role as a solutions provider, CDW-G is certified for conformance to ISO/IEC 20243 as applicable to the role the company performs and the value-add it brings in the distribution of those products within their scope of certification.
Because the two standards are equivalent, an organization certified through the O-TTPS Certification Program is also certified and can claim certification to ISO/IEC 20243:2015 as well as to the O-TTPS. Open Trusted Technology Providers who are conformant to the standard are granted the use of The Open Trusted Technology Provider™ trademark and listed on a public registry.
“We are very pleased that CDW-G has chosen to certify to the ISO/IEC 20243 and be an Open Trusted Technology Provider™,” said Dave Lounsbury, Chief Technical Officer, The Open Group. “In today’s world of cybersecurity threats and compromised supply chains, the O-TTPS Certification Program helps assure that all constituents in the supply chain of IT products are doing their part to secure the production and distribution of those products upon which our operating environments depend. By obtaining this certification, CDW-G is doing its part to help make our enterprises and critical infrastructures more secure and better protected from the damaging effects that can result from maliciously tainted and counterfeit components.”
“Achieving this certification is part of our commitment to provide our government customers with the highest quality, most secure technology products available on the market today,” said Bob Kirby, vice president, Federal and state and local sales, CDW-G.
CDW-G is the first to be certified to ISO/IEC 20243 through the self-assessment approach of the certification program. The program has two assessment options: self-assessment or assessment by a third party. In either level, as with all The Open Group certification programs, conformance is backed by a warranty from the certified organization to The Open Group, as the Certification Authority, that the organization is conformant and will remain so throughout its conformance period or its certificate will be removed from the public registry.
The standard and the certification program were developed in The Open Group Trusted Technology Forum by consensus from a cross section of ICT stakeholders: customers, providers (including some of the most mature ICT providers in the industry), assessors, academics and others.
To learn more about the O-TTPS Certification Program to ISO/IEC 20243, please visit: http://www.opengroup.org/subjectareas/trusted-technology