Supply Chain News / eSupply Chain / Risk & Compliance

Securing the Supply Chain Report Released

May 1, 2013
/ Print / Reprints /
ShareMore
/ Text Size+

According to the Information Security Forum (ISF), a global, independent information security body focused on cyber security and information risk management, organizations go to great lengths to secure intellectual property and other sensitive information internally. Yet, when that information is shared across the supply chain, security is only as strong as the weakest link.

"There is a 'black hole' of undefined supply chain information risk in many organizations"

The ISF’s latest report, Securing the Supply Chain, made the point that information compromised in the supply chain is just as damaging as that compromised from within the organization as evidenced by numerous recent incidents.

“Supply chains are inherently insecure and organizations create unintended information risk when sharing information with their suppliers,” said Michael de Crespigny, CEO of ISF. “There is a 'black hole' of undefined supply chain information risk in many organizations – they understand and manage this risk internally but have difficulty identifying and managing this risk across their hundreds or thousands of suppliers. Our Securing the Supply Chain report provides executives with a way for the organization to identify and manage risk in the supply chain and addresses how information risk management can be integrated into procurement and vendor management processes and activities. Our latest research will help them to better identify and understand the risks, and then respond in a proportionate, scalable and efficient manner”.

Sharing information with suppliers is an essential part of an organization’s daily business operation, however doing so increases information risk: the risk that the confidentiality, integrity or availability of that shared information could be compromised. Supply chains are difficult to secure, they create risk that is hard to identify, complicated to quantify, costly to address – the last of which can be disruptive to supplier relations. Think about the consequences of a supplier providing accidental, but harmful, access to your intellectual property, customer or employee information, commercial plans or negotiations.

Do you know if your most valuable and sensitive information is being protected by your suppliers as you would protect it? You can’t outsource this risk – it is yours to manage and regulators and stakeholders will look poorly on such incidents. By considering the nature of their supply chains, determining what information is shared, and assessing the probability and impact of potential compromises, organizations can balance information risk management efforts across their supplier base.

“When suppliers share your information with their suppliers, the risk is extended further up the supply chain and visibility and control diminish. This aspect of supply chain information risk often goes unseen and unmanaged,” continued de Crespigny. “The key to managing information risk in the supply chain is an information-led, risk-based approach to identify what information is being shared and assess the probability and impact of a compromise”.

To help organizations manage their supply chain information risk, the ISF has created the Supply Chain Information Risk Assurance Process (SCIRAP), an approach for larger organizations to manage this risk across their thousands or tens of thousands of suppliers. This focuses on identifying information shared in the supply chain and focusing attention on the contracts that create the highest risk.

This provides a scalable way to manage contracts so that efforts are proportionate to the risk. SCIRAP integrates with existing procurement and vendor management processes, providing a mechanism to make supply chain information risk management a part of normal business operation. As a result, organizations will be able to better understand their supply chain information risk, identify the assurance or actions required, and work with procurement or vendor management to manage information risk.

The Securing the Supply Chain report is available free of charge to ISF Members and available via ISF Live, a facilitated forum for ISF Members to discuss related issues and share solutions, along with additional resources including a webcast and presentations.

Non-members can purchase a copy of the report by contacting Steve Durbin by email.

You must login or register in order to post a comment.

Supply Chain Security

Muhammad Sayeed
June 23, 2013
Happy to be registered and seen a great article like this. http://schain24.blogspot.com/

Thank You

Josh Foster
June 24, 2013
Thank you, Mr. Sayeed, for the kind words and the link to your blog. You should check out our Partner Blogs too - there's a lot of great content over there.

Multimedia

Videos

Image Galleries

KC SmartPort Momentum

Kansas City SmartPort Momentum 2013 focused on 3PLs, the issues facing the industry, and the role or logistics in economic development

Podcasts

 

Calculating a true landed cost for global sourcing directly correlates with the profitability of purchased goods. However, few companies can command real-time visibility in to all the costs involved for cross border movements. In this podcast, World Trade 100 and Amber Road highlight how a comprehensive global trade platform that converges both logistics and compliance costs can deliver true landed cost visibility.

 

Speaker: Hung Lee, Senior Product Manager, Amber Road

More Podcasts

THE MAGAZINE

World Trade 100 Magazine

april cover wt100 2014

2014 April

Check out the April 2014 edition of World Trade WT100, featuring articles on fueling changes for trucking plus much more!

Table Of Contents Subscribe

Supply Chain Disruptions

Which are the most common causes of disruptions in your supply chain?
View Results Poll Archive

WT100 STORE

world-class-warehousing.gif
World-Class Warehousing and Material Handling, 1st Edition

Filled with proven operational solutions, it will guide managers as they develop a warehouse master plan, one designed to minimize the effects of supply chain inefficiencies as it improves logistics accuracy and inventory management - and reduces overall warehousing expense.

More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.

Use our interactive maps to locate service providers across North America.Interactive Map

Logistics Development Partners 

IWLA Members

STAY CONNECTED