Outsourcing Code, Keeping Control – ISO/IEC 27001 A.8.30 episode artwork

EPISODE · Jul 15, 2025 · 9 MIN

Outsourcing Code, Keeping Control – ISO/IEC 27001 A.8.30

from The ITSM Practice: Elevating ITSM and IT Security Knowledge · host Luigi Ferri

Outsourced development is growing, but ISO 27001 Annex A 8.30 ensures you don’t outsource control. In this episode, we explain how to secure external software development, from vendor audits to contract clauses and compliance risks. Learn practical steps to protect your business.In this episode, we answer to:How can ISO 27001 Annex A 8.30 secure outsourced development?What security questions should you ask every software vendor?How do you turn contracts into enforceable cybersecurity controls?Resources Mentioned in this Episode: HighTable, article "ISO 27001 Annex A 8.30 Outsourced Development", link https://hightable.io/iso27001-annex-a-8-30-outsourced-development/ ISMS.online website, article "ISO 27001:2022 Annex A 8.30 – Outsourced Development", link https://www.isms.online/iso-27001/annex-a/8-30-outsourced-development-2022/ ISMS.online website, article "ISO 27002:2022 – Control 8.30 – Outsourced Development", link https://www.isms.online/iso-27002/control-8-30-outsourced-development/ GRC Mana website, article "ISO 27001 Annex A 8.30: A Step-by-Step Guide", link https://www.grcmana.io/blog/iso-27001-annex-a-8-30-outsourced-development Advisera website, article "Big guide to ISO 27001 clauses — How is this standard structured?", link https://advisera.com/iso27001/control-8-30-outsourced-development/ Connect with me on:LinkedIn: https://www.linkedin.com/in/theitsmpractice/Website: http://www.theitsmpractice.comAnd if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.Credits:Sound engineering by Alan Southgate - http://alsouthgate.co.uk/Graphics by Yulia Kolodyazhnaya

Outsourced development is growing, but ISO 27001 Annex A 8.30 ensures you don’t outsource control. In this episode, we explain how to secure external software development, from vendor audits to contract clauses and compliance risks. Learn practical steps to protect your business.In this episode, we answer to:How can ISO 27001 Annex A 8.30 secure outsourced development?What security questions should you ask every software vendor?How do you turn contracts into enforceable cybersecurity controls?Resources Mentioned in this Episode: HighTable, article "ISO 27001 Annex A 8.30 Outsourced Development", link https://hightable.io/iso27001-annex-a-8-30-outsourced-development/ ISMS.online website, article "ISO 27001:2022 Annex A 8.30 – Outsourced Development", link https://www.isms.online/iso-27001/annex-a/8-30-outsourced-development-2022/ ISMS.online website, article "ISO 27002:2022 – Control 8.30 – Outsourced Development", link https://www.isms.online/iso-27002/control-8-30-outsourced-development/ GRC Mana website, article "ISO 27001 Annex A 8.30: A Step-by-Step Guide", link https://www.grcmana.io/blog/iso-27001-annex-a-8-30-outsourced-development Advisera website, article "Big guide to ISO 27001 clauses — How is this standard structured?", link https://advisera.com/iso27001/control-8-30-outsourced-development/ Connect with me on:LinkedIn: https://www.linkedin.com/in/theitsmpractice/Website: http://www.theitsmpractice.comAnd if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.Credits:Sound engineering by Alan Southgate - http://alsouthgate.co.uk/Graphics by Yulia Kolodyazhnaya

NOW PLAYING

Outsourcing Code, Keeping Control – ISO/IEC 27001 A.8.30

0:00 9:12

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of The ITSM Practice: Elevating ITSM and IT Security Knowledge?

This episode is 9 minutes long.

When was this The ITSM Practice: Elevating ITSM and IT Security Knowledge episode published?

This episode was published on July 15, 2025.

What is this episode about?

Outsourced development is growing, but ISO 27001 Annex A 8.30 ensures you don’t outsource control. In this episode, we explain how to secure external software development, from vendor audits to contract clauses and compliance risks. Learn practical...

Can I download this The ITSM Practice: Elevating ITSM and IT Security Knowledge episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!