ASIS International has issued a new standard to help organisations address operational risks in their supply chains, including risks to tangible and intangible assets.
Developed by a global, cross-disciplinary technical team in partnership with the Supply Chain Security Council, the ‘Supply Chain Risk Management: A Compilation of Best Practises’ Standard will serve as a practitioner’s guide to Supply Chain Risk Management (SCRM) and associated processes for the management of risks within a given company and its end-to-end supply chain.
This guidance Standard is a compilation of current Best Practice techniques. It presents a generic approach to risk and resilience management that’s applicable to all types of risk and all types of organisations. View the Executive Summary (PDF). ASIS members are allowed one free download.
Assessment and control of risk events
SCRM is a vital process for organisations reliant upon extended operations – both internal and external – for their success. It involves the assessment and control of risk events at all points in an end-to-end supply chain, from sources of raw materials through to end use by customers and consumers alike.
“In today’s global economy, all organisations have critical dependencies and interdependencies,” explained Dr Marc H Siegel, commissioner of the ASIS Global Standards Initiative. “Therefore, to build a resilient business it’s essential to understand the organisation’s supply chain and how risks within the business and its supply chain impact the achievement of objectives.”
Dr Siegel added: “Based on the experiences of both large and small organisations, this is the first standard to provide practical guidance around managing risks in the supply chain to increase the resilience capacity for businesses and create value.”
The SCRM Standard will help practitioners anticipate, prevent, protect, mitigate, manage, respond to and recover from potentially undesirable and disruptive events, as well as identify opportunities.
However, the best strategy for addressing risk events will be determined by the organisation’s context of operations, its risk appetite and the results of risk assessments.
Adoption of this standard should build on rather than supplant existing specialisedd risk programmes.