Supply Chain Expert
Supply Chain Expert
Cumulys enables procurement organizations to decide which procurement requirements their 3rd parties must adhere to and also provides the tools for suppliers to demonstrate compliance either by attestation, certification or independent review. Organizations can participate in UTC's Armor program—powered by Cumulys—to gain shared access to the security practices of the utility sector’s most prevalent technology suppliers.
Goals
Goal 1
Accurately identify relevant product or service security and technology requirements.
Goal 2
Coordinate with vendors through attestation, certification or third party reviews of your choice.
Goal 3
Participate and share results via an information sharing community peers (UTC - Armor).
Building the Pre-Procurement Process
Coordinate with Third Party
Vendor, product and software risk assessment of target system
Develop Reqs
Industry standards and compliance requirements for product or services
Verify & Validate
Security validation, risk identification and acceptance
Process/Approach
Security by Design
Advisory services to design a secure procurement approach
Product Spec Development
Include the relevant industry and internal requirements
Publish Requirements
Share technical and security controls with partners
Procurement Standards
Create an inventory of procurement spec for tech types
Information Sharing
Participate in a community designed to lower costs
