Published: 09 January 2024
Summary
Poorly communicated requirements and misaligned expectations often result in dissatisfaction with security services. Security and risk management leaders must use this research to develop successful RFPs that effectively communicate requirements to get the most aligned service possible.
Included in Full Research
Overview
Key Findings
Lack of direction or clarity in a security services RFP document, misinterpretation of SLA value and overly high expectations — coupled with overpromising by providers — often result in disappointing service outcomes.
Complex or nonbinary responses are regularly requested by authors for binary requirements, making the response process longer and the scoring process more ambiguous.
It is often difficult or impossible for a security service provider to completely understand the needs and business context of an organization regarding security, even more so without detailed business and IT contexts covered by a nondisclosure agreement (NDA) agreement.
RFP documents often include extensive irrelevant
Clients can log in to view the entire
document.