Session 6 – E-procurement Interconnecting People and Organizations

Outsourcing may pose a potential security risk to any enterpise deciding to utilize its many benefits. The added dependency on a third party will create a supply chain which is needed to sustain the renewed business model. It is in this supply chain where the security risks emerge: you may be exposed to malicious logic, counterfeit hardware and software or the installation of unintentional vulnerabilities. These risks are particularly potent because of their hidden nature in the many layers that make out the supply chain. Supply Chain Risk Management (SCRM) aims to circumvent these different threats through multi-layered analysis by incorporating the knowledge of many different disciplines within the ICT-field, including but not limited to systems engineering, legislation and international relations. – Dan Shoemaker, Director and Senior Research Assistant at ICSEC, US Department of Defense