{"id":7856,"date":"2019-10-14T13:52:56","date_gmt":"2019-10-14T12:52:56","guid":{"rendered":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/ncsc-supply-chain-security-guidance\/"},"modified":"2019-10-14T13:52:56","modified_gmt":"2019-10-14T12:52:56","slug":"ncsc-supply-chain-security-guidance","status":"publish","type":"gsma_theme_resources","link":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/ncsc-supply-chain-security-guidance\/","title":{"rendered":"NCSC Supply chain security guidance"},"content":{"rendered":"<p>This guidance outlines a series of 12 principles designed to help establish effective control and oversight of a supply chain. It recognises that most organisations are reliant upon suppliers to deliver products, systems and services and that the supply chain can be large and complex. The principles cover cyber, physical and people security.<\/p>\n<p><strong>Audience<\/strong>: Senior leadership, Risk practitioner, Legal<\/p>\n<p><strong>Resource technology specifics:<\/strong> Generic<\/p>\n<p><strong>Resource type:<\/strong>\u00a0Guideline<\/p>\n<p><strong>Resource enforcement:<\/strong>\u00a0Voluntary<\/p>\n<p><strong>Resource certification type:<\/strong> Self-assessment<\/p>\n<span class=\"shortcode_button_wrapper\"><a class=\"shortcode_button gsmacolor_red size_medium\" href=\"https:\/\/www.ncsc.gov.uk\/collection\/supply-chain-security\" target=\"_blank\">Read<\/a><\/span>\n","protected":false},"excerpt":{"rendered":"<p>This guidance outlines a series of 12 principles designed to help establish effective control and oversight of a supply chain. It recognises that most organisations are reliant upon suppliers to deliver products, systems and services and that the supply chain can be large and complex. The principles cover cyber, physical and people security. Audience: Senior [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":0,"template":"","meta":{"image":null,"json":{"gsma_resources_type":"Data","gsma_resources_thumb":"[]","gsma_resources_file":"[]","gsma_resources_multi":null,"gsma_resources_wgr":null,"gsma_resources_video":null,"gsma_resources_image":"[]","gsma_resources_url":"https:\/\/www.ncsc.gov.uk\/collection\/supply-chain-security","gsma_resources_date":"16-11-2018","gsma_resources_button":"Read"}},"tags":[],"resource_categories":[498,500,501,502,503,504,505],"algolia_discover_type":[1553],"class_list":["post-7856","gsma_theme_resources","type-gsma_theme_resources","status-publish","hentry","resource_categories-build-phase","resource_categories-decommissioning-phase","resource_categories-delivery-phase","resource_categories-deployment-phase","resource_categories-design-and-development-phase","resource_categories-operational-phase","resource_categories-procurement-phase","algolia_discover_type-resource"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v24.3 (Yoast SEO v24.3) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>NCSC Supply chain security guidance - Security<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/ncsc-supply-chain-security-guidance\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NCSC Supply chain security guidance - Security\" \/>\n<meta property=\"og:description\" content=\"This guidance outlines a series of 12 principles designed to help establish effective control and oversight of a supply chain. It recognises that most organisations are reliant upon suppliers to deliver products, systems and services and that the supply chain can be large and complex. The principles cover cyber, physical and people security. Audience: Senior [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/ncsc-supply-chain-security-guidance\/\" \/>\n<meta property=\"og:site_name\" content=\"Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"NCSC Supply chain security guidance - Security","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/ncsc-supply-chain-security-guidance\/","og_locale":"en_GB","og_type":"article","og_title":"NCSC Supply chain security guidance - Security","og_description":"This guidance outlines a series of 12 principles designed to help establish effective control and oversight of a supply chain. It recognises that most organisations are reliant upon suppliers to deliver products, systems and services and that the supply chain can be large and complex. The principles cover cyber, physical and people security. Audience: Senior [&hellip;]","og_url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/ncsc-supply-chain-security-guidance\/","og_site_name":"Security","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/ncsc-supply-chain-security-guidance\/","url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/ncsc-supply-chain-security-guidance\/","name":"NCSC Supply chain security guidance - Security","isPartOf":{"@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/#website"},"datePublished":"2019-10-14T12:52:56+00:00","dateModified":"2019-10-14T12:52:56+00:00","inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/ncsc-supply-chain-security-guidance\/"]}]},{"@type":"WebSite","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/#website","url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/","name":"Security","description":"GSMA Security","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"}]}},"cats":[{"term_id":1591,"name":"Airtel","slug":"airtel","term_group":0,"term_taxonomy_id":1591,"taxonomy":"resource_categories","description":"","parent":1590,"count":0,"filter":"raw"},{"term_id":1600,"name":"APAC","slug":"apac","term_group":0,"term_taxonomy_id":1600,"taxonomy":"resource_categories","description":"","parent":1599,"count":0,"filter":"raw"},{"term_id":1598,"name":"Branded Calling","slug":"branded-calling","term_group":0,"term_taxonomy_id":1598,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":498,"name":"Build","slug":"build-phase","term_group":0,"term_taxonomy_id":498,"taxonomy":"resource_categories","description":"","parent":507,"count":7,"filter":"raw"},{"term_id":1590,"name":"Company name","slug":"company-name","term_group":0,"term_taxonomy_id":1590,"taxonomy":"resource_categories","description":"","parent":1589,"count":0,"filter":"raw"},{"term_id":499,"name":"Concept","slug":"concept-phase","term_group":0,"term_taxonomy_id":499,"taxonomy":"resource_categories","description":"","parent":507,"count":4,"filter":"raw"},{"term_id":1584,"name":"Coordinated Vulnerability Disclosure","slug":"coordinated-vulnerability-disclosure","term_group":0,"term_taxonomy_id":1584,"taxonomy":"resource_categories","description":"","parent":1576,"count":1,"filter":"raw"},{"term_id":1597,"name":"Customer Education and Awareness Campaigns","slug":"customer-education-and-awareness-campaigns","term_group":0,"term_taxonomy_id":1597,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":200,"name":"cvd","slug":"cvd","term_group":0,"term_taxonomy_id":200,"taxonomy":"resource_categories","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":177,"name":"CVD Programme","slug":"cvd-programme","term_group":0,"term_taxonomy_id":177,"taxonomy":"resource_categories","description":"","parent":0,"count":3,"filter":"raw"},{"term_id":500,"name":"Decommissioning","slug":"decommissioning-phase","term_group":0,"term_taxonomy_id":500,"taxonomy":"resource_categories","description":"","parent":507,"count":3,"filter":"raw"},{"term_id":501,"name":"Delivery","slug":"delivery-phase","term_group":0,"term_taxonomy_id":501,"taxonomy":"resource_categories","description":"","parent":507,"count":3,"filter":"raw"},{"term_id":502,"name":"Deployment","slug":"deployment-phase","term_group":0,"term_taxonomy_id":502,"taxonomy":"resource_categories","description":"","parent":507,"count":8,"filter":"raw"},{"term_id":503,"name":"Design and Development","slug":"design-and-development-phase","term_group":0,"term_taxonomy_id":503,"taxonomy":"resource_categories","description":"","parent":507,"count":9,"filter":"raw"},{"term_id":1556,"name":"M360 APAC","slug":"m360-apac","term_group":0,"term_taxonomy_id":1556,"taxonomy":"resource_categories","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":1557,"name":"M360 APAC","slug":"m360-apac-publications","term_group":0,"term_taxonomy_id":1557,"taxonomy":"resource_categories","description":"","parent":1517,"count":0,"filter":"raw"},{"term_id":1518,"name":"m360 Latam 2024","slug":"m360-latam-2024","term_group":0,"term_taxonomy_id":1518,"taxonomy":"resource_categories","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":1509,"name":"M360 UK 2023","slug":"m360-uk-2023","term_group":0,"term_taxonomy_id":1509,"taxonomy":"resource_categories","description":"","parent":0,"count":6,"filter":"raw"},{"term_id":1582,"name":"Mobile Cybersecurity Knowledge Base","slug":"mobile-cybersecurity-knowledge-base","term_group":0,"term_taxonomy_id":1582,"taxonomy":"resource_categories","description":"","parent":1576,"count":45,"filter":"raw"},{"term_id":1503,"name":"MWC22 Barcelona","slug":"mwc22-barcelona","term_group":0,"term_taxonomy_id":1503,"taxonomy":"resource_categories","description":"","parent":0,"count":6,"filter":"raw"},{"term_id":1508,"name":"MWC23 Barcelona","slug":"mwc23-barcelona","term_group":0,"term_taxonomy_id":1508,"taxonomy":"resource_categories","description":"","parent":0,"count":2,"filter":"raw"},{"term_id":1511,"name":"MWC23 Las Vegas","slug":"mwc23-las-vegas","term_group":0,"term_taxonomy_id":1511,"taxonomy":"resource_categories","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":1516,"name":"MWC24 Barcelona","slug":"mwc24-barcelona","term_group":0,"term_taxonomy_id":1516,"taxonomy":"resource_categories","description":"","parent":0,"count":3,"filter":"raw"},{"term_id":1575,"name":"MWC25 Barcelona","slug":"mwc25-barcelona","term_group":0,"term_taxonomy_id":1575,"taxonomy":"resource_categories","description":"","parent":0,"count":2,"filter":"raw"},{"term_id":322,"name":"NESAS","slug":"nesas","term_group":0,"term_taxonomy_id":322,"taxonomy":"resource_categories","description":"","parent":0,"count":5,"filter":"raw"},{"term_id":504,"name":"Operational","slug":"operational-phase","term_group":0,"term_taxonomy_id":504,"taxonomy":"resource_categories","description":"","parent":507,"count":23,"filter":"raw"},{"term_id":1578,"name":"Post quantum use case library","slug":"post-quantum-use-case-library","term_group":0,"term_taxonomy_id":1578,"taxonomy":"resource_categories","description":"","parent":1522,"count":6,"filter":"raw"},{"term_id":1522,"name":"Post-quantum","slug":"post-quantum","term_group":0,"term_taxonomy_id":1522,"taxonomy":"resource_categories","description":"","parent":0,"count":15,"filter":"raw"},{"term_id":1581,"name":"Post-Quantum Cryptography","slug":"post-quantum-cryptography","term_group":0,"term_taxonomy_id":1581,"taxonomy":"resource_categories","description":"","parent":1576,"count":11,"filter":"raw"},{"term_id":505,"name":"Procurement","slug":"procurement-phase","term_group":0,"term_taxonomy_id":505,"taxonomy":"resource_categories","description":"","parent":507,"count":3,"filter":"raw"},{"term_id":1517,"name":"Publications","slug":"publications","term_group":0,"term_taxonomy_id":1517,"taxonomy":"resource_categories","description":"","parent":0,"count":46,"filter":"raw"},{"term_id":1599,"name":"Region","slug":"region","term_group":0,"term_taxonomy_id":1599,"taxonomy":"resource_categories","description":"","parent":1589,"count":0,"filter":"raw"},{"term_id":368,"name":"SAS","slug":"sas","term_group":0,"term_taxonomy_id":368,"taxonomy":"resource_categories","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":1593,"name":"Scam Call Detection and Blocking","slug":"scam-call-detection-and-blocking","term_group":0,"term_taxonomy_id":1593,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":1580,"name":"Securing the 5G era","slug":"securing-the-5g-era","term_group":0,"term_taxonomy_id":1580,"taxonomy":"resource_categories","description":"","parent":1576,"count":5,"filter":"raw"},{"term_id":1595,"name":"SIM Swap Fraud Prevention","slug":"sim-swap-fraud-prevention","term_group":0,"term_taxonomy_id":1595,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":1594,"name":"SMS Phishing (Smishing) Detection","slug":"sms-phishing-smishing-detection","term_group":0,"term_taxonomy_id":1594,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":1596,"name":"Subscription Fraud Prevention","slug":"subscription-fraud-prevention","term_group":0,"term_taxonomy_id":1596,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":1563,"name":"Supply Chain Publications","slug":"supply-chain-publications","term_group":0,"term_taxonomy_id":1563,"taxonomy":"resource_categories","description":"","parent":1517,"count":1,"filter":"raw"},{"term_id":1585,"name":"Supply Chain Toolbox","slug":"supply-chain-toolbox","term_group":0,"term_taxonomy_id":1585,"taxonomy":"resource_categories","description":"","parent":1576,"count":8,"filter":"raw"},{"term_id":1583,"name":"T-ISAC","slug":"t-isac","term_group":0,"term_taxonomy_id":1583,"taxonomy":"resource_categories","description":"","parent":1576,"count":0,"filter":"raw"},{"term_id":1579,"name":"T-Isac Blog","slug":"t-isac-blog","term_group":0,"term_taxonomy_id":1579,"taxonomy":"resource_categories","description":"","parent":1501,"count":0,"filter":"raw"},{"term_id":1501,"name":"T-ISAC Resources","slug":"t-isac-resources","term_group":0,"term_taxonomy_id":1501,"taxonomy":"resource_categories","description":"","parent":0,"count":5,"filter":"raw"},{"term_id":1576,"name":"Technical Guidelines","slug":"technical-guidelines","term_group":0,"term_taxonomy_id":1576,"taxonomy":"resource_categories","description":"","parent":0,"count":52,"filter":"raw"},{"term_id":1592,"name":"Theme","slug":"theme","term_group":0,"term_taxonomy_id":1592,"taxonomy":"resource_categories","description":"","parent":1589,"count":0,"filter":"raw"},{"term_id":507,"name":"Topic","slug":"topic","term_group":0,"term_taxonomy_id":507,"taxonomy":"resource_categories","description":"","parent":0,"count":0,"filter":"raw"},{"term_id":1589,"name":"Use case","slug":"use-case","term_group":0,"term_taxonomy_id":1589,"taxonomy":"resource_categories","description":"","parent":0,"count":0,"filter":"raw"}],"_links":{"self":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/gsma_theme_resources\/7856","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/gsma_theme_resources"}],"about":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/types\/gsma_theme_resources"}],"author":[{"embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/users\/6"}],"version-history":[{"count":0,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/gsma_theme_resources\/7856\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/media?parent=7856"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/tags?post=7856"},{"taxonomy":"resource_categories","embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/resource_categories?post=7856"},{"taxonomy":"algolia_discover_type","embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/algolia_discover_type?post=7856"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}