The first step in managing risk to your supply chain is to thoroughly investigate each new vendor. Each Tier-1 vendor almost always depends on a complex web of additional global suppliers. Anglicotech conducts vendor risk assessments through an efficient five-step process based on National Institute of Standards and Technology (NIST) references. This process begins with a detailed understanding of the vendor and its supplier relationships to Tier-3, using our AI-enabled Supply Chain Illumination platform. We then evaluate threats and vulnerabilities, develop possible mitigations, and give an overall assessment of risk. This allows organizations to make better choices when working with vendors and actively manage their supply chains.
Managing risk to your supply chain begins with understanding its structure. Our team first baselines the supply chain using a Digital Twin platform powered by machine learning. Mapping out the nodes and connections in the supply chain identifies possible bottlenecks and drives scenario planning, modeling, and simulation for alternate supply routes. In addition, new vendors may be plotted on a notional supply chain model to assess risk and identify cost drivers and other operational factors such as distribution times and routes. These are often affected by region; for example, intra-European transportation routes present different challenges than those in Asia. Modeling, simulation and analysis by our supply chain experts is an effective way to find alternatives in advance, reduce risk, and assess change impacts in near real-time.
Anglicotech supported the Headquarters Marine Corps (HQMC) Current Operations Division in analyzing the impact of the COVID-19 pandemic on Supply Chains across multiple classes of supply, including Defense Logistics Agency (DLA) globally supported consumables, their Original Equipment Manufacturers (OEM), and 2nd Tier Suppliers. Our team conducted a risk assessment on production, focused on the Class IX Repair Parts and secondary repairables that would most impact readiness. Interestingly, the greatest impact was found to be on clothing production for uniforms, caused by 2nd and 3rd Tier suppliers shutting down.
In May 2021, the Colonial Pipeline suffered a ransomware attack, which infected its digital systems and shut it down for several days. The incident was deemed a national security threat and caused President Biden to declare a state of emergency. Colonial Pipeline paid a ransom of $4.4 million to the attackers. Such events are becoming increasingly common.
A crucial element of Supply Chain Risk Management is implementing cyber security best practices to protect your networks and other IT infrastructure. In the case of Defense organizations, this also includes adherence to mandatory DOD cyber security guidelines.
The Global Combat Support System – Marine Corp (GCSS-MC) is an Enterprise Resource Planning (ERP) system used by the entire Marine Corps to plan and manage acquisition. Anglicotech guided the GCSS-MC Program Management Office’s Cyber Security Team through implementation of DOD, DON and Marine Corps Policy and procedures, as required by the NIST SP 800-37r1 – Guide for Applying the Risk Management Framework to Federal Information Systems and NIST SP 800-39 – Managing Information Security Risk Organization, Mission and Information System View.