Exiger, the market-leading supply chain and third-party risk AI company, has officially announced a link-up with The Chertoff Group, a security and growth advisory firm, to launch a Supply Chain Product Assurance Playbook.
According to certain reports, the playbook provides a proven and scalable process that identifies, assesses, and remediates risks in hardware and software products, as well as supply chains.
The solution is widely applicable across the public and commercial markets, enabling organizations to combat growing Foreign Ownership, Control, or Influence (FOCI) exposure, counter forced labor in supplier networks, demonstrate product integrity, and proactively comply with emerging regulations related to product and supply chain security. This, in turn, eliminates impediments to public-private collaboration to facilitate trust and transparency.
The new Supply Chain Product Assurance Playbook leverages Exiger’s AI-native technology to map and continuously monitor software and hardware products and supply chains. It also draws on Chertoff Group’s cybersecurity expertise, regulatory insight, and national security market knowledge to design and implement supply chain risk mitigations.
This combination of cutting-edge technology, actionable insights, and regulatory expertise goes a long way toward accelerating the supply chain risk management lifecycle, achieving measurable risk reduction and trust-building.
“When backed by Exiger’s market-leading supply chain tools, our proven cybersecurity and regulatory risk profiling and mitigation strategies can help those who need to demonstrate supply chain integrity, as well as those who want to provide proactive assurance and gain competitive advantage in the marketplace,” said Chad Sweet, CEO and co-founder of The Chertoff Group.
Looking at the new Supply Chain Product Assurance Playbook in more detail, we begin with its promise to deliver trusted products. Customers can use the solution to build trusted relationships with their customers and regulators through demonstrated proactive investment in risk identification and remediation in products integral to operations.
Next is the prospect of delivering resilient supply chains built on sub-tier visibility and item-level mapping. Together, these make it possible for companies to respond rapidly to unexpected disruptions, geopolitical conflicts, natural disasters, or capacity shortfalls.
The playbook also provides validated and up-to-date HBOMs and SBOMs. Users can generate or verify software bills of materials (SBOMs) using binary analysis, validate hardware bills of materials (HBOMs), continuously monitor suppliers, and store BOMs in a platform that permits real-time changes to product composition or supply base.
The Supply Chain Product Assurance Playbook process is suitable for any industry, including energy, telecommunications, defense, healthcare, and the U.S. Government. This is because Exiger’s Federal Cloud, a FedRAMP Moderate Authorized platform, ingests, aggregates, and analyzes bills of materials (BOMs) before parting data marked as Controlled Unclassified Information (CUI).
This can allow companies delivering mission-critical hardware and software products to seamlessly engage in the Playbook process with confidence. Beyond that, vendors and customers can collaboratively analyze identified risks and prioritize mitigations, thus helping the latter invest resources for the greatest impact.
The Supply Chain Product Assurance Playbook is also well-equipped to facilitate compliance with existing global regulations relevant to both the public and commercial sectors, such as the Uyghur Forced Labor Prevention Act, the U.S. National Institute of Standards and Technology (NIST) standards, U.S. federal supply chain and acquisition directives, and Executive Orders 14028/14017.
“If you can’t demonstrate product assurance through enhanced sub-tier visibility – including parts, components and software – you run the risk of not being able to do business with the Department of Defense, other government agencies, and some of the world’s largest organizations,” said Carrie Wibben, Exiger President. “This joint offering empowers organizations to assure their critical product supply chains on a continuous basis and removes barriers to vital public-private collaboration.”