| Abstract: | Due to the international nature of supply chains, organizations interact by proxy with suppliers that they have little or no knowledge of. Limited knowledge of suppliers’ security practices means less control over overall product security, which can increase corporate risk. Formal risk management is critical to the overall procurement process and the risk to the critical components throughout the acquisition lifecycle can be managed by installing proactive supply chain risk management (SCRM) key practices. A properly managed supply chain is a critical requirement in ensuring trust in an organization’s sourced products. We discuss the assurance process requirements as well as a well-defined and recognized set of system engineering practices that apply scientific and engineering principles to ensure systematic direction, control, and trust. |
