Governance
-
Principles of supply chain security
- Understand what needs to be protected and why
- Know who your suppliers are and build an understanding of their security measures
- Understand the security risks posed by your supply chain
- Communicate your view of security needs to your suppliers
- Set and communicate minimum security requirements for your suppliers
- Build security considerations into your contracting process and require your suppliers to do the same
- Meet your own security responsibilities as a supplier and consumer
- Raise awareness of security within your supply chain
- Provide support for security incidents
- Build assurance activities into your supply chain management
- Encourage the continuous improvement of security within your supply chain
- Build trust with suppliers
GOV037
Encourage the continuous improvement of security within your supply chain
Encourage your suppliers to continuously improve their security arrangements. Advise and support your suppliers as they work on improvements.
Emphasise how improving security may help them to compete for and win future contracts with you. Taking this approach will help you grow your supply chain and increase your pool of potential suppliers who meet your security needs.
Avoid creating unnecessary barriers to improvements. Be prepared to recognise any existing security practices or certifications they have that demonstrate how they meet your minimum security requirements.
Allow time for your suppliers to improve security, but require them to give you timescales and plans that show how they intend to achieve the improvements.
Listen to and act on any concerns that suppliers highlight — concerns which suggest current approaches are not working. Suppliers might raise issues during performance monitoring, through reporting, or after responding to security incidents.
Page last modified: 4/05/2022