Supply Chain Risk Management: Applying Secure Acquisition Principles to Ensure a Trusted Technology Product is based upon the belief that the acquisition process is a strategic planning and governance concern. The solution is a formally defined and implemented infrastructure of best practices aimed at specifically optimizing the coordination and control of the acquisition process across the organization. As with any complex process deployment, this can only be substantiated through a rational and explicit framework of auditable procedures. The creation and deployment of those procedures is at the core of this book. In a very detailed and organized fashion, Supply Chain Risk Management presents the concepts of secure acquisition and ICT supply chain risk management (SCRM) operations as an all-in-one concept. As such, there is no assumption about specialized knowledge. You will learn how to create a systematic and secure acquisition process as well as how to create a risk-based control structure for all levels of the supply chain. You will learn how to establish systematic sustainment and reporting within this structure and how to increase its capability. After reading this book you will be able to, Implement a formal, organization-wide, standards-based trust in sourced products. Define a comprehensive control structure to ensure continuous assurance. Create a standard process to achieve higher stages of requisite capability. This book provides a valuable insight to anyone who acquires technology products. This includes COTS and government off-the-shelf products as well as the participants in the supply chain at any level. However, given the management focus, it would be particularly useful to process architects and higher level executives responsible for assurance of the technology infrastructure. It also serves as a good general knowledge text for general interest practitioners. Because the ideas have practical business application, they seem highly attractive to any manager responsible for acquiring any form of complex products. The inclusion of a maturity model makes it especially attractive to strategic planners and any other type of security policy manager or upper level strategic decision-maker. Book jacket.