Risky Business: An Analytical Approach to Services Supply Chain Risk Management

Abstract

Cyber threats, economic upheavals, and environmental disasters threaten global supply chains. These vulnerabilities impact the readiness of U.S. forces and their capacity to defend the nation. Consumers and the government need a framework for assessing vulnerabilities and establishing effective supply chains. MITRE’s System of Trust (SoT) serves as a framework to measure trustworthiness and identify risk factors affecting their supply chain security. The SoT develops a taxonomy of risk factors, defines risk measures attributable to those risk factors, and creates a framework for organizations to objectively quantify supply chain risk. Our study validates the services risk factors and identifies techniques and best practices to mitigate risk unique for services. Our research questions are: What are the primary indicators of supply chain risk, and which are unique to Department of Defense services? Furthermore, what are the best practices for preventing, mitigating, and responding to service-specific supply chain risks? This research draws on qualitative interview data to obtain insight into the services aspect of supply chains, systematically evaluate MITRE’s risk factors and risk measures, and identify gaps in available data. Our research results in a Services Supply Chain Risk Management Cyber threats, economic upheavals, and environmental disasters threaten global supply chains. These vulnerabilities impact the readiness of U.S. forces and their capacity to defend the nation. Consumers and the government need a framework for assessing vulnerabilities and establishing effective supply chains. MITRE’s System of Trust (SoT) serves as a framework to measure trustworthiness and identify risk factors affecting their supply chain security. The SoT develops a taxonomy of risk factors, defines risk measures attributable to those risk factors, and creates a framework for organizations to objectively quantify supply chain risk. Our study validates the services risk factors and identifies techniques and best practices to mitigate risk unique for services. Our research questions are: What are the primary indicators of supply chain risk, and which are unique to Department of Defense services? Furthermore, what are the best practices for preventing, mitigating, and responding to service-specific supply chain risks? This research draws on qualitative interview data to obtain insight into the services aspect of supply chains, systematically evaluate MITRE’s risk factors and risk measures, and identify gaps in available data. Our research results in a Services Supply Chain Risk Management Framework that managers should use to evaluate and mitigate risks within their supply chains.