A framework for supplier-supply chain risk management: Tradespace factors to achieve risk reduction — Return on investment

Author

Chan, Serena ; Larsen, Gregory N.

Author_Institution

Inst. for Defense Analyses, Alexandria, VA, USA

fYear

2010

fDate

8-10 Nov. 2010

Firstpage

29

Lastpage

34

Abstract

The growing trend in information and communications technology (ICT) globalization and outsourcing provides opportunities for adversaries to attack the supply chains of critical information systems and networks in order to gain unauthorized access to data, alter data, disrupt operations, or interrupt communications by inserting malicious code into or otherwise corrupting components; or to obtain knowledge of the uses and users of systems. A challenging issue is the ability to assure that articles of supply and the suppliers can be trusted to do only that which is expected or specified and to do so reliably and dependably. This paper describes a framework for discovering, defining, learning, and establishing capabilities to manage the risks of suppliers and supply chains of ICT.

Keywords

authorisation; business data processing; investment; outsourcing; risk management; supply chain management; ICT globalization; corrupting component; critical information system; malicious code; return on investment; risk management; risk reduction; supplier supply chain; tradespace factor; unauthorized data access; Globalization; Hazards; Outsourcing; Procurement; Risk management; Supply chains; acquisition; countermeasure; defense; enterprise framework; information and communications technology; mitigation; supply chain risk management; threat; vulnerability;

fLanguage

English

Publisher

ieee

Conference_Titel

Technologies for Homeland Security (HST), 2010 IEEE International Conference on

Conference_Location

Waltham, MA

Print_ISBN

978-1-4244-6047-2

Type

conf

DOI

10.1109/THS.2010.5655102

Filename

5655102