Skip to content

Dynamic Blog

Supply Chain Risk Management (SCRM)

Risk Assessment Questions for Federal IT

It’s a perilous world in information systems today. Threats can arise from cradle to grave in the IT life cycle. Critical systems can be compromised internally – within firmware and software – or during the logistical processes of IT configuration, deployment, and maintenance. Threats can be maliciously intentional, as with attacks from malware – or result from neglect, as with the lack of transparency and control.

Yet as serious as these risks are, federal users can significantly mitigate them through smart use of a Supply Chain Risk Management (SCRM) model in the IT supply chain.

Dynamic’s Supply Chain Risk Management Solution

Effective SCRM is precisely what Dynamic’s Q-wrxSM solution is designed to help federal contracting officers and procurement officers achieve. Q-wrx is built upon Dynamic’s ISO-certified quality management system. For each Q-wrx customer, we provide a package of proprietary IT configuration and asset management processes, customized to the organization’s security regulations and quality standards.

Answer the questions below to help you assess your own SCRM effectiveness – and whether you may need the help of a custom set of specialized SCRM processes, like Q-wrx.

IT Supply Chain Risk Management (SCRM) Questions

1. Acquisition

  • Does the supplier match all order requirements against approved customer standards?
  • Does the supplier confirm receipt and expected deliver date?
  • Is the order life cycle transparent so that technology hand-offs to our technology team is seamless?
  • Does the supplier confirm and approve authorized channels for procurement of the product?
  • Does the supplier confirm that we are receiving current, agreed-upon pricing?
  • Does the supplier verify that no additional cost savings are available from the OEM?
  • Does the supplier confirm that the OEM will meet the expected delivery date?

2. Technical Services

  • When a program requires software imaging and hardware integration, does the supplier documented all requirements and verified through a checklist process that each and every step was taken?
  • Does the supplier inspect incoming shipments to confirm specifications?
  • Does the supplier ensure that the system is 100% compliant with our requirements, and that hand-off to our technology team will be seamless?

3. Audit Proofing

  • Does the supplier document and store, in secured files, all system specifications, asset tag information, and software licensing information?
  • Does the supplier have all appropriate Standard Operating Procedures (SOPs), Certificates of Conformance (CoCs), and certified procedures securely documented and retained for future reference?

4. Logistics

  • Does the supplier inspect the product upon receipt and again upon delivery?
  • Does the supplier comply with our packaging, labeling, and shipping requirements?
  • Does the supplier provide required traceability on all equipment to ensure seamless receipt into our locations?

5. Disposal

6. Life Cycle Management

  • Does the supplier work with us and OEMs to smooth the transition to the next generation of technology?
  • Does the supplier communicate technology roadmaps to us? Can the supplier provide inventory support during transition? Does the supplier have a first article validation process?

Strict adherence to these practices helps ensure that our customers in U.S. government – and other highly regulated environments – receive the IT products expected, operating in precisely the ways intended.




Proactive End-of-Life Management

The Key to Product Lifecycle Extension

To DOWNLOAD our EOL White Paper, submit the form below.