Verify supply chain security system requirements and controls for design, development, production, operations, and service.

SHARE:

SCS 9001 standard:

The Telecommunications Industry Association (http://tiaonline.org/)-the trusted industry association for the connected world announced in January 2022, the release of the world's first supply chain security standard, SCS 9001™, developed specifically for the information and communications technology (ICT) industry. SCS 9001 is relevant for all ICT industry products, including software, hardware, and the services that connect to our global networks. The objective of SCS 9001 is to verify end-to-end cyber and physical security across ICT network infrastructure. To accomplish this, SCS 9001 was created as a process-based standard with an independent audit and certification program for suppliers and service providers to verify that critical security controls and processes are in place for their products and solutions. The new standard is unique because it is built around a Quality Management System (QMS) which operationalizes industry guidelines and best practices, such as ISO 27001, the Prague Proposals, relevant NIST standards, and the CSIS Criteria for Security and Trust. 

This is the first ICT cybersecurity management system standard applicable for the supply chain. SCS 9001 is a Supply Chain Security Management System built on ISO 9001[7] and designed for the information and communication technologies (ICT) industry in response to the call for industry specific requirements and measurements. The purpose of SCS 9001 is to define the supply chain security system requirements and controls for design, development, production, operations, and service.

In addition, it specifies measurements for companies to help evaluate the effectiveness of supply chain security implementation and improvement programs TIA Quest Forum & ANAB have published a news letter regarding SCS9001 and announced DNV as one of the 5 certification bodies qualified to do the audits on supply chain security.

How DNV can Help?

DNV is an authorised SCS 9001 Certification Body (CB), auditors play a critical role in reaping the benefits of a SCS 9001 registration for an organization. First, they can assess where the organization's processes fully conforms with SCS 9001 requirements, identify weaknesses, and also offer opportunities for improvement. 

CB auditors must meet rigid and exacting requirements before being permitted to audit organizations and they must work for accredited certification bodies which also must meet extensive requirements before being authorized to certify an organization as conforming to SCS 9001.