Supply Chain Expert
Supply Chain Expert
Cumulys enables procurement organizations to decide which procurement requirements their 3rd parties must adhere to and also provides the tools for suppliers to demonstrate compliance either by attestation, certification or independent review. Organizations can participate in UTC ‘s Armor program (powered by Cumulys) to gain shared access to the security practices of the utility sector’s most prevalent technology suppliers.
Goals
Goal 1
Accurately identify relevant product or service security and technology requirements.
Goal 2
Coordinate with vendors through attestation, certification or 3rd party reviews of your choice.
Goal 3
Participate and share results via an information sharing community peers (UTC - Armor).
Building the Pre-Procurement Process
Coordinate with 3rd Party
Vendor, product and software risk assessment of target system
Develop Reqs
Industry standards and compliance requirements for product or services
Verify & Validate
Security validation, risk identification and acceptance.
Process/Approach
Security by Design
Advisory services to design a secure procurement approach
Product Spec Development
Include the relevant industry and internal reqs
Publish Reqs
Share technical and security controls with partners
Procurement Stds
Create an inventory of procurement spec for tech types
Info Sharing
Participate in a community designed to lower costs
