Title :
A framework for supplier-supply chain risk management: Tradespace factors to achieve risk reduction — Return on investment
Author :
Chan, Serena ; Larsen, Gregory N.
Author_Institution :
Inst. for Defense Analyses, Alexandria, VA, USA
Abstract :
The growing trend in information and communications technology (ICT) globalization and outsourcing provides opportunities for adversaries to attack the supply chains of critical information systems and networks in order to gain unauthorized access to data, alter data, disrupt operations, or interrupt communications by inserting malicious code into or otherwise corrupting components; or to obtain knowledge of the uses and users of systems. A challenging issue is the ability to assure that articles of supply and the suppliers can be trusted to do only that which is expected or specified and to do so reliably and dependably. This paper describes a framework for discovering, defining, learning, and establishing capabilities to manage the risks of suppliers and supply chains of ICT.
Keywords :
authorisation; business data processing; investment; outsourcing; risk management; supply chain management; ICT globalization; corrupting component; critical information system; malicious code; return on investment; risk management; risk reduction; supplier supply chain; tradespace factor; unauthorized data access; Globalization; Hazards; Outsourcing; Procurement; Risk management; Supply chains; acquisition; countermeasure; defense; enterprise framework; information and communications technology; mitigation; supply chain risk management; threat; vulnerability;
Conference_Titel :
Technologies for Homeland Security (HST), 2010 IEEE International Conference on
Conference_Location :
Waltham, MA
Print_ISBN :
978-1-4244-6047-2
DOI :
10.1109/THS.2010.5655102
