The client for this engagement is currently in the ASX top twenty with global operations and a complex supplier network.
One of the key strategy items of the client’s head of security was to gain stricter control of their supplier relationships. Until that point, there was a strong focus on a limited number of high-risk suppliers, and the only assurance carried out was following an incident or a near miss.
elevenM delivered a review of the existing supplier management procedures and reported back to the client on areas for potential uplift. This then led to the development of a NIST-based, holistic yet practical supplier management framework.
elevenM carried out the following activities:
- A current state review against good practice
- Development of a roadmap to lift the maturity
- Development of corporate policies relating to vendor management
- Development of a supplier risk tiering model
- Development of a set of NIST-based supplier assessments aligned to the policies
- Development of supplier risk reporting