I am a government product program manager building a system comprising numerous IA/IA-enabled COTS products that will be purchased by government customers for use in their systems. How does NSTISSP #11 apply to my program?
How NSTISSP #11 applies depends heavily on whether the resultant system is considered a COTS or GOTS product. GOTS products must be evaluated by NSA or in accordance to an NSA-approved process. However if it is a COTS oriented solution, much depends on how it is going to be distributed. 1. If distribution is through a single office that negotiates price and product (e.g., an ID/IQ agreement), whether NSTISSP #11 COTS testing is required will be based on when price and product are agreed upon. If it is agreed upon before July 1, 2002, no NSTISSP #11 COTS testing is required. If it is agreed upon after July 1, 2002, NSTISSP #11 COTS testing is required. 2. If distribution is through a contractor that deals directly with each customer (with the contractor in control of price and distribution), whether NSTISSP #11 COTS testing required will be based upon when the price and product is agreed upon by each individual customer attempting to purchase the product. Products sold before July 1, 20
Related Questions
- I am a government product program manager building a system comprising numerous IA/IA-enabled COTS products that will be purchased by government customers for use in their systems. How does NSTISSP #11 apply to my program?
- How can a contact manager software program make me more effective in building relationships?
- How do the job titles project manager, product manager and program manager differ?