Security And Risk Management in Supply Chains

The reduction of risk constitutes a pillar of success in business. A crucial concern in any business activity includes the variable of risk due to security threats in information systems. Risks increase as the business increases in success and profit. Risk Management becomes a crucial part of every successful business model to deal with uncertain and risky socio-economic changes. Security concerns are a major player in minimizing risk in businesses by protecting its intangible resources and knowledge. The emergence of supply chains which coordinate organizations, people, activities, information and resources, dramatically increases risk crises. Efforts have resulted in process reference models, such as the Supply Chain Operations Reference (SCOR) which measures total supply chain performance. Although the SCOR model is designed to support supply chains of various complexities across multiple industries, it does not provide a basis for Risk Management in terms of the security of exchanged information and access control. Quantifying security risks in supply chains becomes a central challenge to be considered in risk management. This paper attempts to propose a framework to bridge the gap between security concerns and risk management in a supply chain, typically, the SCOR model. The framework extends risk management with security awareness by proposing roles for each process in SCOR. Its underlying approach focuses on the types of threats in SCOR implementation projects and applies empirical benchmarks to measure risks in processes with respect to the security-oriented framework.

[1]  Richard E. Neapolitan,et al.  Learning Bayesian networks , 2007, KDD '07.

[2]  William G. Marchal,et al.  Statistical techniques in business and economics , 1991 .

[3]  Vladan Devedzic,et al.  Software Project Management , 2001 .

[4]  Robert Rosenbaum,et al.  Supply chain excellence : a handbook for dramatic improvement using the SCOR model , 2007 .

[5]  Björn Wahlström,et al.  Models, modelling and modellers: an application to risk analysis☆ , 1994 .

[6]  P. Thompson,et al.  Engineering Construction Risks - A Guide to Project Risk Analysis and Risk Management , 1994 .

[7]  Armand Prieditis,et al.  Dynamic scheduling I: real-time decision making using simulation , 2003, WSC '03.

[9]  M. J. Foster Quantitative Approaches to Management (Third Edition) , 1976 .

[10]  Joseph H. M. Tah,et al.  Towards a framework for project risk knowledge management in the construction supply chain , 2001 .

[11]  Paul L. Walker,et al.  Making enterprise risk management pay off , 2002 .

[12]  Richard I. Levin,et al.  Quantitative Approaches to Management , 1971 .

[13]  F. Reilly,et al.  Investment Analysis and Portfolio Management , 1979 .

[14]  Robert Ball,et al.  Quantitative approaches to management , 1991 .

[15]  Jane P. Laudon,et al.  Management Information Systems: Managing the Digital Firm , 2010 .

[16]  H.L. Lee,et al.  Aligning Supply Chain Strategies with Product Uncertainties , 2002, IEEE Engineering Management Review.

[17]  Ralph L. Kliem,et al.  Project Management Practitioner's Handbook , 1998 .

[18]  S. Chopra,et al.  Supply Chain Management: Strategy, Planning & Operation , 2007 .

[19]  M. Dalal,et al.  Real-time decision making using simulation , 2003, Proceedings of the 2003 Winter Simulation Conference, 2003..

[20]  Rasool Azari,et al.  Current Security Management & Ethical Issues of Information Technology , 2003 .

[21]  Operations Risk & Supply Chain Design: An Event Study , 2002 .

[22]  M. J. Foster Quantitative Approaches to Management (5th Edition) , 1976 .

[23]  Dimitris Chorafas,et al.  Integrating ERP, CRM, Supply Chain Management, and Smart Materials , 2001 .

[24]  D. Lambert,et al.  SUPPLY CHAIN MANAGEMENT , 2003 .