Sharing information with suppliers is essential for the supply chain to function. However information compromised in the supply chain can be just as damaging as that compromised from within the organisation.

The ISF’s Supply Chain Information Risk Assurance Process (SCIRAP) provides a scalable way to manage all contracts so that controls, rigour, frequency of evaluation, and assurance received are proportionate to the information risk. The process integrates with existing vendor management processes and provides an established starting point, therefore making supply chain information risk management a part of normal business operations.

The full report also includes an Implementation Support Guide which provides clear and detailed guidance on deploying the ISF’s SCIRAP.

Executive Summary

Securing the Supply Chain: Preventing your suppliers’ vulnerabilities from becoming your own

Please fill out the form below to download a complimentary Executive Summary.

Please provide your details to download this document:

The Information Security Forum (ISF) is a data controller for the personal data collected on this website.

For information on how we collect and use your personal data, please read our Privacy Notice.

Please read and agree with our Terms Of Use.

From time to time, the ISF would like to contact you regarding our latest products, services and events.

By ticking the relevant boxes below, please indicate your preferences on how you want to be contacted:

You can update your preferences at any time, or withdraw consent after submission by going to the ‘Already Registered’ tab.

Please enter the email address you previously registered with to access the download:

You have previously downloaded from our website. For more information on how we use your personal information, please see our Privacy Notice.

Please refamiliarise yourself with our Terms Of Use.

To update your preferences on how you would like to be contacted by the ISF, please indicate below:

To unsubscribe from all ISF communications. Click here: