Looking to make certified products a proposal requirement? Look here for sample language.
January 6, 2010
By Al Potter

Today (January 6) we issued a press release (available here www.icsalabs.com/press-release/icsa-labs-offers-tips) with tips on how business and government agencies can use independent product assurance from a third party to simplify the Request for Proposal (RFP) process. 

Enterprises can realize significant advantages while selecting security products—namely saving time and resources—by leveraging existing third-party assurance programs where they are available, relevant, and meet, even partially, the enterprise requirements.  To help organizations make this a requirement, the below table provides sample language that can be used when drafting RFPs or other like documents.

Scenario

Example Language

Third-party diligence programs exist, testing requirements are relevant to the enterprise selection criteria, and the list of tested or certified products provides adequate choice for the enterprise.

When selecting solution components proposed in response to this request, we will only consider products which have undergone third-party assurance testing or certification. Examples of third-party assurance programs which will satisfy this requirement are those testing and certification programs operated by ICSA Labs.

Third-party diligence programs exist, but the list of tested or certified products does not provide adequate choice for the enterprise.

When selecting solution components proposed in response to this request, we will give strong preference to products which have undergone third-party assurance testing or certification. Examples of third-party assurance programs which will satisfy this requirement are those testing and certification programs operated by ICSA Labs.

or

 

When selecting solution components proposed in response to this request, we will require the vendor of the product to demonstrate compliance with each of the selection criteria in the attached documents. Vendors of products which have undergone third-party assurance testing in a program like those operated by ICSA Labs may use the results of that testing in conjunction with the published testing criteria as evidence of compliance with specific requirements.

 

 

If you’re looking for sample language for a situation not included above, or have other questions about building a certification requirement into an RFP, I’m happy to answer your questions.  I look forward to hearing from you.

 

Comments

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.