answers or even suggestions offered about what we should actually do about it. Okay, enough flippancy. This article is not designed to offer opinion in respect to the validity or credibility of such paranoia (if it is indeed paranoia). The point of this article is to provoke debate about solutions to this potential dilemma, in the hope that we can move this stalled and stagnant area of discussion forward to another stage. recently. This idea was to provide inter alia, some upstream supply chain information that could potentially assist our customers. it involved the creation of labels similar to the type that provide nutritional information on food packaging, but for the IT products that we sell to our customers. These would become "Supply chain safety labels" chiefly designed for those within the government and national infrastructure markets. bring on-line new additions to the portfolio, we ask for, and record the following information about the products put forward for adoption: · Countries where the r&d and assembly occurs · Location(s) of major financial stake holdings and subsidiaries · Plan(s) in respect to on-going support arrangements for the our customers from risks inherent in a global supply chain, as well as within the rapidly developing and volatile iT industry. this information on quotes in the form of a "Traffic Light Scheme" to assist customers in identifying supply chain risks. We never did get around to finalising the criteria for such a labelling scheme, but for the point of illustration it could have read: amber = supply chain within the naTo member nations red = global supply chain Unassured supply Chain we soon realised we could get ourselves into trouble undertaking such politically sensitive discriminations without some serious governmental backing to which we could refer. Based upon this fear we decided to stick to plain labels only. than the green, who would really consider paying more for the "assured supply chain" option? are we paranoid to the degree that we apportion a tangible risk factor, which then translates to an economic buying decision based upon the value of a weighted risk? the origin or assembly of technology made by our customers. is perceived changes dependent upon your own location and associated risk factors. For instance, IT has distinctly different supply chain structures for software, hardware, services, and Cloud services. G-Cloud framework prevalent within the UK public sector, effort has been exercised to actually address supply chain assurance issues. sensitive data, threats of compromise appear to be more direct and immediate. To address these threats, G-Cloud introduces the concept of an accredited "Uk safe harbour"; Uk only domains perfect for sme's to engage in. This in turn serves a separate government agenda regarding the wider utilisation of sme's in the public sector supply chain. their data centre operations almost exclusively in geographic locations that are more economically viable and therefore not within the Uk, have held back the adoption of Cloud Services on a large scale, and specifically within the public sector. This is especially true when it involves departments outsourcing the more critical or sensitive elements of their business processes to an external third party. |