• Home

  • Documents

  • 2 ppt final dan shoemaker dd1 stockholm presentation
6
Getting the Workforce to Factor Enterprise Risk into Outsourcing Decisions

2 ppt final dan shoemaker dd1 stockholm presentation

Embed Size (px)

Citation preview

Page 1: 2 ppt final dan shoemaker dd1 stockholm presentation

Getting the Workforce to Factor Enterprise Risk into Outsourcing

Decisions

Page 2: 2 ppt final dan shoemaker dd1 stockholm presentation

What is Supply Chain Risk Management?

• Supply chain risk management (SCRM) ensures that the enterprise’s sourced products (HW&SW) and services are functionally correct

• SCRM encompasses five different categories of risk*

1. Installation of malicious logic in hardware or software2. Installation of counterfeit hardware or software3. Failure or disruption in the production or distribution of a critical

product or service4. Reliance upon a malicious or unqualified supplier5. Installation of unintentional vulnerabilities

* US General Accounting Office (GAO) March 23, 2012 p. 12

Page 3: 2 ppt final dan shoemaker dd1 stockholm presentation

What is Supply Chain Risk Management?

• The key outcome of -SCRM is that it guarantees that an organization’s sourced products do what they are intended to do and only that

• SCRM is enforced through a system-of-systems Enterprise Security Framework (ESF) of controls

• Mitigations are designed and deployed through a formal criticality analysis and prioritization scheme (defense in depth)

• The aim of SCRM is to ensure that we fully understand all meaningful risks (to the enterprise) when arriving at a make-buy decision?

Page 4: 2 ppt final dan shoemaker dd1 stockholm presentation

Building a Unified Body Practice for SCRM

• Practices from a ange of conventional fields could conceivably be part of a unified body of practice for ICT supply chain risk management

– hardware and software engineering– systems engineering– information systems security engineering– Safety– Reliability– Testing– information assurance– project management – Intelligence– Legal– International relations

Page 5: 2 ppt final dan shoemaker dd1 stockholm presentation

A Short Conclusion

• The problem addressed by our initiative is, how to manage enterprise-risk from globally sourced ICT sub-components- that may not function as anticipated and may in fact have undesired functionality”

• It is critical to get enterprise risk under control since most of of society’s functionality/capability is dependent on ICT sub-components

• We hope that we can enlist your help and support in developing and finalizing a correct and relevant unified concept

Page 6: 2 ppt final dan shoemaker dd1 stockholm presentation

THANK YOU FOR YOUR ATTENTION

Dan Shoemaker, PhD, Director and Senior Research ScientistGlobal EdICT - Supporting Don Davidson, Chief of Outreach Globalization

Task Force (GTF) OASD-NII / DoD CIO

[email protected]


Sample DD1 Details

Sample DD1 Details

Documents
Bryant Apt - DD1

Bryant Apt - DD1

Documents
Package ‘mobsim’ - R · dd1

Package ‘mobsim’ - R · dd1

Documents
Dundee City Centre Visitor Car ParkingCar Parking Car Parks awarded Safer Parking status 1 Hunter Street DD1 5EU 6 Queen Street DD1 2HF 11 City Quay DD1 3BQ 16 Science Centre West

Dundee City Centre Visitor Car ParkingCar Parking Car Parks awarded Safer Parking status 1 Hunter Street DD1 5EU 6 Queen Street DD1 2HF 11 City Quay DD1 3BQ 16 Science Centre West

Documents
DD1 - PM session final

DD1 - PM session final

Documents
ELVES AND THE SHOEMAKER

ELVES AND THE SHOEMAKER

Documents
Little Shoemaker

Little Shoemaker

Entertainment & Humor
ANIOSYME DD1 - آرکا بهپویانANIOSYME DD1 Cleaning and pre-disinfection of instrumentation • Reinforced cleaning and pre-disinfection of medico-surgical instrumentation,

ANIOSYME DD1 - آرکا بهپویانANIOSYME DD1 Cleaning and pre-disinfection of instrumentation • Reinforced cleaning and pre-disinfection of medico-surgical instrumentation,

Documents
Presentation on DD1

Presentation on DD1

Documents
Jolynn Shoemaker

Jolynn Shoemaker

Documents
DD1 - Quebec.ca

DD1 - Quebec.ca

Documents
Nancy Shoemaker Source

Nancy Shoemaker Source

Documents
Shoemaker impact structure

Shoemaker impact structure

Science
Shoemaker Practice

Shoemaker Practice

Documents
C StructuralForum Shoemaker Mar07

C StructuralForum Shoemaker Mar07

Documents
Wri03 4262 Shoemaker

Wri03 4262 Shoemaker

Documents
dd1- u.s.s.saladin ncc-500 ca1- u.s.s.constitution ncc

dd1- u.s.s.saladin ncc-500 ca1- u.s.s.constitution ncc

Documents
Dampfdruckgarer DD1 - Steba Elektrogeräte

Dampfdruckgarer DD1 - Steba Elektrogeräte

Documents
Apresentacao dd1

Apresentacao dd1

Sports
Cole shoemaker top 40

Cole shoemaker top 40

Art & Photos
My friends Eli Shoemaker

My friends Eli Shoemaker

Documents
Shoemaker Time Without Change

Shoemaker Time Without Change

Documents
NEAR shoemaker

NEAR shoemaker

Documents
Catalogo Andres Sendra Shoemaker

Catalogo Andres Sendra Shoemaker

Design
Amy shoemaker pictures

Amy shoemaker pictures

Art & Photos
Population et dd1

Population et dd1

Documents
DDRUM dd1 manual

DDRUM dd1 manual

Services
Bits - Sonja Shoemaker

Bits - Sonja Shoemaker

Documents
The Shoemaker

The Shoemaker

Documents
POST A NOTE TO DENVER CITY TEXAS - soulwinners.biz · Shoemaker Orton h/o L. E. (McCrary) Shoemaker. Shoemaker James T b ca 1963 md Synetta Mitchell 4/9/1983 Yoakum County. Shoemaker,

POST A NOTE TO DENVER CITY TEXAS - soulwinners.biz · Shoemaker Orton h/o L. E. (McCrary) Shoemaker. Shoemaker James T b ca 1963 md Synetta Mitchell 4/9/1983 Yoakum County. Shoemaker,

Documents