LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Start free trial Sign in

From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Unlock the full course today

Join today to access over 24,700 courses taught by industry experts.

Contractual requirements

Contractual requirements

From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Start my 1-month free trial Buy for my team

Contractual requirements

“

- [Narrator] Supply chain software security depends heavily on written agreements between all related parties. Contractual requirements in those agreements include things like IP ownershIP, code escrow, EULAs, and SLAs. Intellectual property or IP ownershIP is standard fare for these agreements, especially in outsourcing relationshIPs. If you are hiring a third party to write code for you, these contracts are an important part of protecting the resulting IP. The World Intellectual Property Organization is one resource that you can rely on here. Their advice is to make sure you include contract language about who owns the resulting IP and what consequences are for disclosing that IP. You can ask all involved parties to sign non-disclosure agreements or NDAs, which include legal consequences for divulging any IP to unauthorized parties. That said, IP laws often vary from one country to the next. If you don't have an IP attorney that you can consult with about the appropriate contract…

Contents