The latest enterprise risk management news from around the world

CPNI issues supply chain risk management advice

The UK Government’s Centre for the Protection of National Infrastructure (CPNI) has published a new document which gives advice on handling supply chain vulnerabilities.

‘Mitigating Security Risk in the National Infrastructure Supply Chain: a Good Practice Guide For Employers’ recommends that organizations view supply chain security risk as an extension of their existing arrangements to mitigate security risk within the organization itself. To achieve this, a supply chain security risk mitigation implementation plan is required, which includes:

  • Comprehensive mapping of all tiers of the upstream and downstream supply chains to the level of individual contracts.
  • Risk scoring each contract to link in to the organization’s existing security risk assessment.
  • Due diligence/accreditation/assurance of suppliers (and potential suppliers) and the adoption, through contracts, of proportionate and appropriate measures to mitigate risk.
  • Audit arrangements and compliance monitoring.
  • Contract exit arrangements.

Read the document (PDF).


