Updated Supply Chain Resiliency & SCRM Resources
With the recent deployment of our new LOG 0440 Supply Chain Resiliency Fundamentals online training course, let’s take a moment to examine the critically important topics of Supply Chain Resilience, Supply Chain Security, Supply Chain Risks, and Supply Chain Risk Management (SCRM), along with a range of related resources and references:
Definitions
- Supply Chain Resilience (SCR) – The capability of supply chains to respond quickly, so as to ensure continuity of operations after a disruption, and to quickly adapt to change. Resilience is the expected outcome of proactive Supply Chain Risk management and Supply Chain Security (Source: (ASD(S) November 28, 2022 “Supply Chain Risk Management Draft Taxonomy Version 1.0 – Advance Copy” memo)
- Supply Chain Risk - The risk that an adversary may sabotage, maliciously introduce unwanted function, or otherwise subvert the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of a system so as to surveil, deny, disrupt, or otherwise degrade the function, use, or operation of such system. (Source: DoD Instruction 5200.44 Protection of Mission Critical Functions to Achieve Trusted Systems and Networks (TSN))
- Supply Chain Risk Management (SCRM) – The process of proactively identifying supply chain vulnerabilities, threats, and potential disruptions, and implementing mitigation strategies to ensure the security, integrity, and uninterrupted flow of materials, products, and services as risks are found or disruptions occur. (Source: (ASD(S) November 28, 2022 “Supply Chain Risk Management Draft Taxonomy Version 1.0 – Advance Copy” memo)
- Supply Chain Risk Management (SCRM). A systematic process for managing supply chain risk by identifying susceptibilities, vulnerabilities and threats throughout DoD’s “supply chain” and developing mitigation strategies to combat those threats whether presented by the supplier, the supplied product and its subcomponents, or the supply chain (e.g., initial production, packaging, handling, storage, transport, mission operation, and disposal). (Source: DoD Instruction 5200.44 Protection of Mission Critical Functions to Achieve Trusted Systems and Networks (TSN))
- Supply Chain Risk Management (SCRM) - “The process for managing risk by identifying, assessing, and mitigating threats, vulnerabilities, and disruptions to the DoD supply chain from beginning to end to ensure mission effectiveness. Successful SCRM maintains the integrity of products, services, people, and technologies, and ensures the undisrupted flow of product, materiel, information, and finances across the lifecycle of a weapon or support system. DoD SCRM encompasses all sub-sets of SCRM, such as cybersecurity, software assurance, obsolescence, counterfeit parts, foreign ownership of sub-tier vendors, and other categories of risk that affect the supply chain.” (Source: DoD Instruction 4140.01 DoD Supply Chain Materiel Management Policy)
- Supply Chain Security (SCS) – The application of policies, procedures, processes, and technologies to ensure the security, integrity, and uninterrupted flow of products while moving through the supply chain. Examples include the ability to protect supply chains from cyber infiltrations and the introduction of counterfeit material. (Source: (ASD(S) November 28, 2022 “Supply Chain Risk Management Draft Taxonomy Version 1.0 – Advance Copy” memo)
Training
- CLCL 003A Supply Chain Integration Credential
- CLCL 017 Supply Chain Resiliency Credential
- ACQ 3200, Foreign Investment and National Security
- CLE 074 Cybersecurity Throughout Acquisition
- CLE 080 Supply Chain Risk Management for Information and Communications Technology
- CME 130 Surveillance Implications of Manufacturing and Subcontractor Management
- CME 230 Production Planning and Control (PP&C)
- CMI 140 Multifunctional Surveillance of Prime Suppliers' Control of Subcontractors
- FAC 093 Introduction to Supply Chain Risk Management
- LOG 0070 Lead-Free Electronics Impact on DoD Programs
- LOG 0320 Preventing Counterfeit Parts from Entering DoD Supply System
- LOG 0390 Additive Manufacturing Overview
- LOG 0400 Additive Manufacturing Case Studies
- LOG 0440 Supply Chain Resiliency Fundamentals
- LOG 0590 Digital Product Support Fundamentals
- LOG 0600 Data Analytics Fundamentals for Product Support
- LOG 0620 Counterfeit Prevention Awareness
- LOG 0630 Introduction to Parts Management
- LOG 0640 DMSMS: What Program Management Needs To Do And Why
- LOG 0650 DMSMS Fundamentals
- LOG 0660 DMSMS Executive Overview
- LOG 0670 DMSMS Basic Component Research
- LOG 1050 Fundamentals of Systems Sustainment Management
- LOG 2060 Intermediate Sustainment Management
- WSL 008 Supply Chain Management Workshop
Additional Resources
- DoD Instruction 4140.67 DoD Counterfeit Prevention Policy
- SD-19 Parts Management Guide
- SD-22 Diminishing Manufacturing Sources & Materials Shortages (DMSMS) Guidebook
- DoD Program Manager’s Guidebook for Integrating the Cybersecurity Risk Management Framework (RMF) into the System Acquisition Lifecycle
- Army Counterfeit Parts and Materials Prevention Guidebook
- Counterfeit Parts ACQuipedia Article
- Cybersecurity Maturity Model Certification (CMMC) ACQuipedia Article
- Diminishing Manufacturing Sources & Materials Shortages (DMSMS) ACQuipedia Article
- Lead-Free Electronics ACQuipedia Article
- Parts Management ACQuipedia Article
- Supply Chain Risk Management (SCRM) ACQuipedia Article
- DMSMS Knowledge Sharing Portal (DKSP)
- Parts Management Knowledge Sharing Portal (PMKSP)
- Product Support Analytical Tools Database
- Cybersecurity & Acquisition Lifecycle Integration Tool (CALIT)
- Defense Acquisition Magazine Article “Supply Chain Risk—What Is It?” (March-April 2017)
- Defense AT&L Magazine Article “Supply Chain Risk Management: An Introduction to the Credible Threat” (July-August 2016)
- Air Force 448 SCMW Supply Chain Risk Management (SCRM) Acquisition Guide
- SCRM Framework Report Phase I - Publicly Releasable (15 May 2023)
- GAO Audit GAO-17-768 Defense Supply Chain: DOD Needs Complete Information on Single Sources of Supply to Proactively Manage the Risks (Sep 28, 2017)
- Supply Chain Threats
- Enhanced Procedures for Supply Chain Risk Management
Note: This blog post updates and supersedes several earlier LOG Blog Posts including a November 2018 post “Supply Chain Risk Management (SCRM) Learning Assets”, July 2020 post entitled “DAU Supply Chain Risk Management (SCRM) Resources”, and a February 2022 post entitled “Hot Topics (Part 1): Supply Chain Resiliency.”