Qantas Airways has signed up Cybertrust's Security Lifecycle Program (SLP) to check and manage existing and future governance, policy and outsourcing contracts for third parties.
The Security Lifecycle Program, a mix of security-oriented policies, procedures and architecture, provides the benchmark for a company-wide information security program, according to Qantas CEO Fiona Balfour.
"The program helped Qantas define the level of governance, policy, operations, compliance and assurance required of third-party service providers to meet our business needs," Balfour said.
While neither company could confirm the length or cost of the contract, a spokesperson from Cybertrust said an SLP project such as this may take one to two months or run as a multi-year project depending on the outcomes required by the user, but the deal with Qantas is a "long-term project." The SLP methodology was developed in Australia.
Cybertrust regional managing director Paul O'Rourke said SLP enables organisations to address compliance as part of an information security objective, and allows them to take a proactive, strategic and efficient approach to compliance.
"SLP is a framework that ensures organisations retain visibility and control of their security service levels under an outsourcer contract," O'Rourke said.