Managing the Risks of Outsourcing IT Security in Supply Chain

Enterprises are expeditiously outsourcing the non-core business processes and functions. This is happening in order for new efficiencies to be found and costs to be reduced along with the increase of shareholder value. Enterprises in a supply chain use networks to share information assets. Information Systems and Information Technology are essential for their business operations. Organizations resort to outsourcing, in order to balance the infinite requirements with organisational assets. Supply chains that are relying upon sourced Information Systems (or/and IT) are vulnerable from Information Security (IS) specific types of risks to supply chains. These systems and their components are at increasing risk of supply chain. The process of securing all elements of IT systems (whether it is hardware, software, or services) throughout their life cycle is critical. The scope of the chapter is to identify the basic process of outsourcing Information Security functions/processes in Supply Chain and moreover to adduce the practice of it.