Supply chainA supply chain, sometimes expressed as a "supply-chain", is a complex logistics system that consists of facilities that convert raw materials into finished products and distribute them to end consumers or end customers. Meanwhile, supply chain management deals with the flow of goods within the supply chain in the most efficient manner. In sophisticated supply chain systems, used products may re-enter the supply chain at any point where residual value is recyclable. Supply chains link value chains.
Supply chain securityNOTOC Supply chain security (also "supply-chain security") activities aim to enhance the security of the supply chain or value chain, the transport and logistics systems for the world's cargo and to "facilitate legitimate trade". Their objective is to combine traditional practices of supply-chain management with the security requirements driven by threats such as terrorism, piracy, and theft. A healthy and robust supply chain absent from security threats requires safeguarding against disturbances at all levels such as facilities, information flow, transportation of goods, and so on.
Supply chain managementIn commerce, supply chain management (SCM) deals with a system of procurement (purchasing raw materials/components), operations management (ensuring the production of high-quality products at high speed with good flexibility and low production cost), logistics and marketing channels, so that the raw materials can be converted into a finished product and delivered to the end customer.
RiskIn simple terms, risk is the possibility of something bad happening. Risk involves uncertainty about the effects/implications of an activity with respect to something that humans value (such as health, well-being, wealth, property or the environment), often focusing on negative, undesirable consequences. Many different definitions have been proposed. The international standard definition of risk for common understanding in different applications is "effect of uncertainty on objectives".
SecuritySecurity is protection from, or resilience against, potential harm (or other unwanted coercion) caused by others, by restraining the freedom of others to act. Beneficiaries (technically referents) of security may be of persons and social groups, objects and institutions, ecosystems or any other entity or phenomenon vulnerable to unwanted change. Security mostly refers to protection from hostile forces, but it has a wide range of other senses: for example, as the absence of harm (e.g.
Supply chain sustainabilitySupply-chain sustainability is the impact a company’s supply chain can make in promoting human rights, fair labor practices, environmental progress and anti-corruption policies. There is a growing need for integrating sustainable choices into supply-chain management. An increasing concern for sustainability is transforming how companies approach business. Whether motivated by their customers, corporate values or business opportunity, traditional priorities such as quality, efficiency and cost regularly compete for attention with concerns such as working conditions and environmental impact.
Risk managementRisk management is the identification, evaluation, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities.
ManagementManagement (or managing) is the administration of organizations, whether they are a business, a nonprofit organization, or a government body through business administration, nonprofit management, or the political science sub-field of public administration respectively. It is the science of managing the resources of businesses, governments, and other organizations.
Computer securityComputer security, cyber security, digital security or information technology security (IT security) is the protection of computer systems and networks from attacks by malicious actors that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide. The field is significant due to the expanded reliance on computer systems, the Internet, and wireless network standards such as Bluetooth and Wi-Fi.
Security guardA security guard (also known as a security inspector, security officer, factory guard, or protective agent) is a person employed by a government or private party to protect the employing party's assets (property, people, equipment, money, etc.) from a variety of hazards (such as crime, waste, damages, unsafe worker behavior, etc.) by enforcing preventative measures.
Information security auditAn information security audit is an audit of the level of information security in an organization. It is an independent review and examination of system records, activities, and related documents. These audits are intended to improve the level of information security, avoid improper information security designs, and optimize the efficiency of the security safeguards and security processes. Within the broad scope of auditing information security there are multiple types of audits, multiple objectives for different audits, etc.
Security managementSecurity management is the identification of an organization's assets (including people, buildings, machines, systems and information assets), followed by the development, documentation, and implementation of policies and procedures for protecting assets. An organization uses such security management procedures for information classification, threat assessment, risk assessment, and risk analysis to identify threats, categorize assets, and rate system vulnerabilities.
Risk assessmentRisk assessment determines possible mishaps, their likelihood and consequences, and the tolerances for such events. The results of this process may be expressed in a quantitative or qualitative fashion. Risk assessment is an inherent part of a broader risk management strategy to help reduce any potential risk-related consequences. More precisely, risk assessment identifies and analyses potential (future) events that may negatively impact individuals, assets, and/or the environment (i.e. hazard analysis).
Information securityInformation security, sometimes shortened to InfoSec, is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preventing or reducing the probability of unauthorized or inappropriate access to data or the unlawful use, disclosure, disruption, deletion, corruption, modification, inspection, recording, or devaluation of information. It also involves actions intended to reduce the adverse impacts of such incidents.
National securityNational security, or national defence, is the security and defence of a sovereign state, including its citizens, economy, and institutions, which is regarded as a duty of government. Originally conceived as protection against military attack, national security is widely understood to include also non-military dimensions, such as the security from terrorism, minimization of crime, economic security, energy security, environmental security, food security, and cyber-security.
Private sectorThe private sector is the part of the economy, sometimes referred to as the citizen sector, which is owned by private groups, usually as a means of establishment for profit or non profit, rather than being owned by the government. The private sector employs most of the workforce in some countries. In private sector, activities are guided by the motive to earn money. A 2013 study by the International Finance Corporation (part of the World Bank Group) identified that 90 percent of jobs in developing countries are in the private sector.
Case studyA case study is an in-depth, detailed examination of a particular case (or cases) within a real-world context. For example, case studies in medicine may focus on an individual patient or ailment; case studies in business might cover a particular firm's strategy or a broader market; similarly, case studies in politics can range from a narrow happening over time like the operations of a specific political campaign, to an enormous undertaking like, world war, or more often the policy analysis of real-world problems affecting multiple stakeholders.
IT riskInformation technology risk, IT risk, IT-related risk, or cyber risk is any risk relating to information technology. While information has long been appreciated as a valuable and important asset, the rise of the knowledge economy and the Digital Revolution has led to organizations becoming increasingly dependent on information, information processing and especially IT. Various events or incidents that compromise IT in some way can therefore cause adverse impacts on the organization's business processes or mission, ranging from inconsequential to catastrophic in scale.
Security information and event managementSecurity information and event management (SIEM) is a field within the field of computer security, where software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by applications and network hardware. Vendors sell SIEM as software, as appliances, or as managed services; these products are also used to log security data and generate reports for compliance purposes.
Value chainA value chain is a progression of activities that a firm operating in a specific industry performs in order to deliver a valuable product (i.e., good and/or service) to the end customer. The concept comes through business management and was first described by Michael Porter in his 1985 best-seller, Competitive Advantage: Creating and Sustaining Superior Performance. The idea of the value chain is based on the process view of organizations, the idea of seeing a manufacturing (or service) organization as a system, made up of subsystems each with inputs, transformation processes and outputs.
