Securing the Supply Chain: Preventing your suppliers’ vulnerabilities from becoming your own
Sharing information with suppliers is essential for the supply chain to function. However information compromised in the supply chain can be just as damaging as that compromised from within the organisation.
The ISF’s Supply Chain Information Risk Assurance Process (SCIRAP) provides a scalable way to manage all contracts so that controls, rigour, frequency of evaluation, and assurance received are proportionate to the information risk. The process integrates with existing vendor management processes and provides an established starting point, therefore making supply chain information risk management a part of normal business operations.
The full report also includes an Implementation Support Guide which provides clear and detailed guidance on deploying the ISF’s SCIRAP.
Discover how the ISF can help your organisation
Continuous Supply Chain Assurance: Monitoring supplier security
Suppliers help to keep operations moving for all organisations, but this also brings information risk that you must keep a watchful eye on.
Supply Chain Assurance Framework (SCAF)
The Supply Chain Assurance Framework provides a structured approach to help organisations’ information security functions to embed information secu...