__NOTOC__ Supply chain security (also "supply-chain security") activities aim to enhance the

security Security is protection from, or resilience against, potential harm (or other unwanted coercion). Beneficiaries (technically referents) of security may be persons and social groups, objects and institutions, ecosystems, or any other entity or ...

of the

supply chain A supply chain is a complex logistics system that consists of facilities that convert raw materials into finished products and distribute them to end consumers or end customers, while supply chain management deals with the flow of goods in distri ...

value chain A value chain is a progression of activities that a business or firm performs in order to deliver goods and services of Value (economics), value to an end customer. The concept comes from the field of business management and was first described ...

, the transport and

logistics Logistics is the part of supply chain management that deals with the efficient forward and reverse flow of goods, services, and related information from the point of origin to the Consumption (economics), point of consumption according to the ...

systems for the world's

cargo In transportation, cargo refers to goods transported by land, water or air, while freight refers to its conveyance. In economics, freight refers to goods transported at a freight rate for commercial gain. The term cargo is also used in cas ...

and to "facilitate legitimate trade".Government of Canada
Agreement between Canada and the European Union on Customs Cooperation with Respect to Matters Related to Supply-Chain Security
signed 4 March 2013, accessed 18 August 2021 Their objective is to combine traditional practices of supply-chain management with the security requirements driven by threats such as

terrorism Terrorism, in its broadest sense, is the use of violence against non-combatants to achieve political or ideological aims. The term is used in this regard primarily to refer to intentional violence during peacetime or in the context of war aga ...

piracy Piracy is an act of robbery or criminal violence by ship or boat-borne attackers upon another ship or a coastal area, typically with the goal of stealing cargo and valuable goods, or taking hostages. Those who conduct acts of piracy are call ...

, and theft. A healthy and robust supply chain absent from security threats requires safeguarding against disturbances at all levels such as facilities, information flow, transportation of goods, and so on. A secure supply chain is critical for organizational performance. Typical supply-chain security activities include: * Credentialing of participants in the supply chain * Screening and validating of the contents of cargo being shipped * Advance notification of the contents to the destination country * Ensuring the security of cargo while in transit, for example through the use of locks and tamper-proof seals * Inspecting cargo on entry

Overview

According to the

Office of the Director of National Intelligence The director of national intelligence (DNI) is a cabinet-level United States government intelligence and security official. The position is required by the Intelligence Reform and Terrorism Prevention Act of 2004 to serve as executive head o ...

in the United States, "adversaries exploit supply chain vulnerabilities to steal America’s intellectual property, corrupt our software, surveil our critical infrastructure, and carry out other malicious activities. They infiltrate trusted suppliers and vendors to target equipment, systems, and information used every day by the government, businesses, and individuals." Local police departments often lack the resources to properly address supply chain security.

Transit theft

Theft and ''shrinkage'' can take place anywhere in the logistics chain: from the shipper, carrier, or consignee. It may be packages, pallet loads, and full truck loads. It can involve individuals with an opportunity to take cargo or can involve organized crime. Security systems involving surveillance systems,

tracking system A tracking system or locating system is used for Surveillance, tracking persons or objects that do not stay in a fixed location, and supplying a time-ordered sequence of positions (track). Applications A myriad of tracking systems exist. ...

s, and broader corporate security are needed to reduce the theft of material.

History

The terrorist attacks of 9/11 were the defining event for modern supply chain security. Before 9/11 supply chain security was primarily the concern of the

insurance Insurance is a means of protection from financial loss in which, in exchange for a fee, a party agrees to compensate another party in the event of a certain loss, damage, or injury. It is a form of risk management, primarily used to protect ...

and risk management industries; after the attacks more structured approaches were implemented. Early efforts were dominated by concerns over the use of maritime shipping to deliver weapons of mass destruction. From 2001 to 2006 efforts focused on the physical security of goods and shipments but from 2012 on focus shifted to cybersecurity as the awareness of cyber threats grew. The

European Union The European Union (EU) is a supranational union, supranational political union, political and economic union of Member state of the European Union, member states that are Geography of the European Union, located primarily in Europe. The u ...

also treated the 2010 transatlantic aircraft bomb plot involving packages being sent from

Yemen Yemen, officially the Republic of Yemen, is a country in West Asia. Located in South Arabia, southern Arabia, it borders Saudi Arabia to Saudi Arabia–Yemen border, the north, Oman to Oman–Yemen border, the northeast, the south-eastern part ...

to the

United States The United States of America (USA), also known as the United States (U.S.) or America, is a country primarily located in North America. It is a federal republic of 50 U.S. state, states and a federal capital district, Washington, D.C. The 48 ...

, as a significant factor in relation to supply chain security.European Commission
Communication from the Commission to the European Parliament, the Council and the European Economic and Social Committee on Customs Risk Management and Security of the Supply Chain
COM(2012) 793 final, published 8 January 2013, accessed 27 December 2023 The European Union's

regulation Regulation is the management of complex systems according to a set of rules and trends. In systems theory, these types of rules exist in various fields of biology and society, but the term has slightly different meanings according to context. Fo ...

on the

Community Customs Code The European Union Customs Union (EUCU), formally known as the Community Customs Union, is a customs union which consists of all the member states of the European Union (EU), Monaco, and the British Overseas Territory of Akrotiri and Dhekeli ...

(2008) includes reference to supply chain security in its outline of the mission of each EU

customs authority Customs is an authority or Government agency, agency in a country responsible for collecting tariffs and for controlling International trade, the flow of goods, including animals, transports, personal effects, and hazardous items, into and out ...

: In February 2021 US President

Joe Biden Joseph Robinette Biden Jr. (born November 20, 1942) is an American politician who was the 46th president of the United States from 2021 to 2025. A member of the Democratic Party (United States), Democratic Party, he served as the 47th vice p ...

made supply chain security one of his administration's priorities.

Key initiatives

There are a number of supply-chain security initiatives around the world, including: * The

Customs Trade Partnership against Terrorism The Customs-Trade Partnership Against Terrorism (C-TPAT) is a voluntary supply-chain security program led by U.S. Customs and Border Protection (CBP) focused on improving the security of private companies' supply chains with respect to terroris ...

(C-TPAT), a voluntary compliance program for companies to improve the security of their corporate supply chains. *Operation Safe Commerce (OSC), a U.S. federal program designed to test and evaluate practices, policies and procedures aimed at improving the security of international containerized shipping. * The

World Customs Organization The World Customs Organization (WCO) is an intergovernmental organization headquartered in Brussels, Belgium. Notable projects include its collaboration with the WTO on trade facilitation and the implementation of the SAFE Framework of Standar ...

(WCO) adopted the Framework of Standards to Secure and Facilitate Global Trade in 2005, which consists of supply-chain security standards for Customs administrations including

authorized economic operator According to the World Customs Organization (WCO), an authorized economic operator (AEO) is The growth of global trade and increasing security threats to the international movement of goods have forced customs administrations to shift their ...

(AEO) programs. * The Container Security Initiative (CSI), a program led by

U.S. Customs and Border Protection United States Customs and Border Protection (CBP) is the largest federal law enforcement agency of the United States Department of Homeland Security. It is the country's primary border control organization, charged with regulating and facilita ...

in the

Department of Homeland Security The United States Department of Homeland Security (DHS) is the U.S. federal executive department responsible for public security, roughly comparable to the interior, home, or public security ministries in other countries. Its missions invol ...

(DHS) focused on screening containers at foreign ports. * The Global Container Control Programme (CCP), a joint United Nations Office on Drugs and Crime (UNODC)/World Customs Organization (WCO) initiative working to establish effective container controls at select ports across the globe with the aim to prevent trafficking of drugs, chemicals and other contraband and to facilitate trade by strengthening cooperation between the customs, trade and enforcement communities. * The Global Trade Exchange, a DHS

data-mining Data mining is the process of extracting and finding patterns in massive data sets involving methods at the intersection of machine learning, statistics, and database systems. Data mining is an interdisciplinary subfield of computer science and ...

program designed to collect financial information about shipments, with the objective of determining the safety of cargo shipments. * Pilot initiatives by companies in the private sector to track and monitor the integrity of cargo containers moving around the world using technologies such as

RFID Radio-frequency identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. An RFID system consists of a tiny radio transponder called a tag, a radio receiver, and a transmitter. When tri ...

and GPS. *The

BSI Group The British Standards Institution (BSI) is the national standards body of the United Kingdom. BSI produces technical standards on a wide range of products and services and also supplies standards certification services for business and person ...

undertakes an annual survey of supply chain risk exposure, identifying and updating the main supply chain security concerns. In its 2020 report,

drug smuggling The illegal drug trade, drug trafficking, or narcotrafficking is a global black market dedicated to the cultivation, manufacture, distribution and sale of prohibited drugs. Most jurisdictions prohibit trade, except under license, of many types ...

, cargo theft of

pharmaceuticals Medication (also called medicament, medicine, pharmaceutical drug, medicinal product, medicinal drug or simply drug) is a drug used to diagnose, cure, treat, or prevent disease. Drug therapy ( pharmacotherapy) is an important part of the ...

and medical supplies and increasing warehouse and facility theft were identified as particular concerns. * The

International Organization for Standardization The International Organization for Standardization (ISO ; ; ) is an independent, non-governmental, international standard development organization composed of representatives from the national standards organizations of member countries. M ...

(ISO) has released a series of standards for the establishment and management of supply-chain security. ISO/PAS 28000 ''Specification for Security Management Systems for the Supply Chain'', offers public and private enterprise an international high-level management standard that enables organisations to utilize a globally consistent management approach to applying supply-chain security initiatives. ISO/IEC 20243 is The

Open Trusted Technology Provider Standard The Open Trusted Technology Provider Standard (O-TTPS) (''Mitigating Maliciously Tainted and Counterfeit Products'') is a standard of The Open Group that has also been approved for publication as an Information Technology standard by the Internati ...

(O-TTPS) (''Mitigating Maliciously Tainted and Counterfeit Products'') that addresses supply-chain security and secure engineering. *The EU-US Summit held in

Lisbon Lisbon ( ; ) is the capital and largest city of Portugal, with an estimated population of 567,131, as of 2023, within its administrative limits and 3,028,000 within the Lisbon Metropolitan Area, metropolis, as of 2025. Lisbon is mainlan ...

in November 2010, highlighting the need for their international "partnership to bring greater prosperity and security" for citizens on both sides of the Atlantic, provided a foundation for the

Transatlantic Economic Council The Transatlantic Economic Council (TEC) is a body set up between the United States and European Union to direct economic cooperation between the two economies. Establishment and chairmanship The TEC was established by an agreement signed on Apri ...

to build on, announcing at its December 2010 meeting an agreement "to deepen transatlantic cooperation in supply chain security policies".U.S.-EU Transatlantic Economic Council
Joint Statement
17 December 2010, accessed 23 December 2020 * The

Common Criteria The Common Criteria for Information Technology Security Evaluation (referred to as Common Criteria or CC) is an international standard (International Organization for Standardization, ISO/International Electrotechnical Commission, IEC 15408) for co ...

offers with EAL 4 an opportunity to include necessary evaluations that assure supply chain security for IT products

International agreements

*Efforts for countries around the world to implement and enforce the

International Ship and Port Facility Security Code The International Ship and Port Facility Security (ISPS) Code is an amendment to the Safety of Life at Sea (SOLAS) Convention (1974/1988) on Maritime security including minimum security arrangements for ships, ports and government agencies ...

(ISPS Code), an agreement of 148 countries that are members of the

International Maritime Organization The International Maritime Organization (IMO; ; ) is a List of specialized agencies of the United Nations, specialized agency of the United Nations responsible for regulating maritime transport. The IMO was established following agreement at a ...

(IMO). *The European Union and the

Government of Canada The Government of Canada (), formally His Majesty's Government (), is the body responsible for the federation, federal administration of Canada. The term ''Government of Canada'' refers specifically to the executive, which includes Minister of t ...

entered into an Agreement on Customs Cooperation with Respect to Matters Related to Supply-Chain Security in March 2013.

Supply chain cyber security

Supply chain cyber security is a subset of supply chain security which focuses on the digital aspects of the traditional supply chain as well as the supply chain for electronic and digital goods.

References

External links

{{External links, date=March 2021
ICAO-WCO: Moving Air Cargo Globally - Air Cargo and Mail Secure Supply Chain and Facilitation Guidelines

IMO FAQ on the ISPS Code

MIT Project on Supply Chain Response to Terrorism

Supply Chain Risk Management Maturity Model

Stanford Global Supply Chain Management Forum

Supply chain security: adding to a complex operational and institutional environment, A Grainger (2007)

World Customs Journal: special issue on supply chain securityPort and Maritime Security OnlineChain of Perils: Hardening the Global Supply Chain and Strengthening America's Resilience

ISO 28002 supply chain security and resilience

Global Supply Chain Security, James Giermanski, Scarecrow Press, 2012 - 218 PagesImplementing a Robust Supply Chain Security & Risk Management
Supply chain management Security