Structure and Roles


Lenovo’s leadership role as a technology company is based on the trust it continually strives to earn with customers and those in the wider security community. The Lenovo Product Security Office (PSO) mission is laser focused on the security of Lenovo’s devices and minimizing risks to exposures and vulnerabilities.

To successfully execute its mission, the Lenovo PSO brings together people with a variety of skills, including software coding and security; computer, mobile and network hardware; supply chain logistics, vulnerability testing, operations management, supplier interactions and external communications (including crisis or issue management).

Key security roles Deliverables
Key security roles and Deliverables
Drive Product Offering Security Features & Models
  • Product architecture support
  • Certifications
  • Quality, standards, tools
  • Sales & marketing support
Product Security Incident Response Team (PSIRT)
  • Drive closure of all security incidents
  • Customer & Internal communications
  • Maintain policies & procedures
  • Managed across Business Groups/Units
Supply Chain Security
  • Secure supplier base for intelligent components (Trusted supplier list)
  • BIOS & firmware build process
  • Secure manufacturing, packaging, shipping, delivery
  • Managed across Business Groups/Units
Governance and Compliance
  • Governance / policies / procedures
  • Training and communications
  • Audit (Internal and annual 3rd party)
  • Code assurance and compliance