Beruflich Dokumente
Kultur Dokumente
Focus of Effort
Hardware Risk management and appreciate the differences government vs. private sector Economics as important as technology Practical----keep it comprehensible to nontech people from different parts of industry Include international analysis of legal issues
Domain of Loses
Interruption of the supply chain Corruption of the supply chain Discrediting of the process or products Theft of Intellectual Property
Legal Requirements
Rigorous contracts delineating what is required Locally responsible corporations with a Long term interest in complying We need to be sure local execs and workers are adequately motivated to comply We need adequate provisions for verifying security implementation There needs to be local law enforcement of agreements by both civil and criminal judicial systems
Individuals
A list of who is working..in advance Documented identities The equivalent of background checks Under surveillance...preferably video at the production facility
Corporations
Contracts must be written in ways suppliers understand, agree to and can actually be enforced Penalties need to be assessed in ways that will not undermine the relationship Procedures for unannounced visits must be clear so they can be carried out Contracts need to spell out strategies to get suppliers to remain responsible for the long term
Final Thoughts
Is the supply chain still relevant----is it the WEB? Key role of economics driving insecurity What is the role of compliance Do we need to be Anti-American?