C-TPAT, the U.S. Customs Trade Partnership Against Terrorism, is a voluntary government-company initiative to build cooperative relationships that strengthen the international supply chain and security at U.S. borders. C-TPAT cooperates with industry by granting certifications to companies that voluntarily agree to adopt the program`s safety guidelines and integrate them into their supply chains. The program is open to all parties involved in the transport of international goods, including carriers – ocean, air, rail and truck; Importers, foreign producers, brokers, consolidators, ocean transport agents, port authorities and terminal operators. The World Shipping Council and its member companies were pleased to participate in the development of the program. All MSC members are registered with C-TPAT today. Learn more on CBP`s C-TPAT website. Security is as strong as the weak link. Despite organizations` efforts to secure intellectual property and other sensitive information, limited progress has been made in effectively managing information risks in the supply chain. This increases the potential for weak connections and the risk of confidential information being compromised. To be better prepared, organizations should consider all aspects of information risk in the supply chain and “follow information.” The key to managing information risk in the supply chain is an information-based, risk-based approach to determining what information is shared and assessing the likelihood and effects of a compromise. Taking into account the nature of their supply chains, defining common information and assessing the likelihood and impact of potential trade-offs allow companies to balance information risk management efforts on all aspects of risk.
The World Shipping Council and its member companies continue to provide feedback and support to the Department of Homeland Security`s (DHS) Department of Homeland Security`s Science and Technology Directorate and U.S. Customs and Border Guard (CBP) to develop container security technologies. The MSC also oversees ongoing work on container safety equipment within the International Organization of Standards (ISO). In August 2009, the WSC and representatives of member companies participated in a DHS S-T event on container security technology. The goal of S-T has been repeatedly stated that their objective is not to propose new U.S. safety requirements, but to assess the capabilities of current container safety technologies to establish open architectural standards. The results of the upstream assessment, combined with the supply chain map, may draw attention to a significant concentration of information risk among upstream suppliers. This may trigger the need to identify controls or requirements that the organization may have to submit to its suppliers in order to protect its information when these enterprise information providers are unlocked in advance. The key to managing information risk in the supply chain is an information-based, risk-based approach to determining what information is shared and assessing the likelihood and effects of a compromise. Companies should also use a robust, scalable and reproducible process to address information-related risks in the supply chain – to achieve security commensurate with risk.
Supply chain risk management should be integrated into the procurement and supplier management processes of existing suppliers, so that managing supply chain information risks is part of the regular business.