Governance

GOV026

Principles of supply chain security

Follow these principles to gain and maintain control of your supply chain. The twelve principles are divided into four stages, covering the process of securing your supply chain. 

GOV5 - Manage risks when working with others

Identify and manage the risks to your people, information, and assets before you begin working with others who may become part of your supply chain.

Understand the risks

1. Understand what needs to be protected and why

2. Know who your suppliers are and build an understanding of their security measures

3. Understand the security risks posed by your supply chain.

Establish control

4. Communicate your view of security needs to your suppliers

5. Set and communicate minimum security requirements for your suppliers

6. Build security considerations into your contracting process and require your suppliers to do the same

7. Meet your own security responsibilities as a supplier and consumer

8. Raise awareness of security within your supply chain

9. Provide support for security incidents.

Check your arrangements

10. Build assurance activities into your supply chain management.

Seek continuous improvement

11. Encourage the continuous improvement of security within your supply chain

12. Build trust with suppliers.

 Source: Centre for the Protection of National Infrastructure (CPNI), 2018

Page last modified: 31/10/2018