Securing the Supply Chain: Preventing your suppliers’ vulnerabilities from becoming your own

governancesupply chaincompliance

Securing the Supply Chain: Preventing your suppliers' vulnerabilities from becoming your own

Download the executive summary

Sharing information with suppliers is essential for the supply chain to function. However information compromised in the supply chain can be just as damaging as that compromised from within the organisation.

The ISF’s Supply Chain Information Risk Assurance Process (SCIRAP) provides a scalable way to manage all contracts so that controls, rigour, frequency of evaluation, and assurance received are proportionate to the information risk. The process integrates with existing vendor management processes and provides an established starting point, therefore making supply chain information risk management a part of normal business operations.

The full report also includes an Implementation Support Guide which provides clear and detailed guidance on deploying the ISF’s SCIRAP.

Discover how the ISF can help your organisation

If you are not a Member of the ISF and are interested in finding out more about supplier security or ISF Membership, then please get in touch today.

Get in touch

Supporting Content

research

Continuous Supply Chain Assurance: Monitoring supplier security

Suppliers help to keep operations moving for all organisations, but this also brings information risk that you must keep a watchful eye on.

tool

Supply Chain Assurance Framework (SCAF)

The Supply Chain Assurance Framework provides a structured approach to help organisations’ information security functions to embed information secu...

tool

ISF Aligned Tools Suite

Strategic information risk management tools to assess risk, qualify supplier security and assure prioritised cyber security investment.

Securing the Supply Chain: Preventing your suppliers' vulnerabilities from becoming your own

Download the executive summary