To highlight the importance — and invasiveness — of the concept of the supply chain, take a look at Section 254 of the Duncan Hunter National Defense Authorization Act For Fiscal Year 2009.
As stated in this section: “The Secretary of Defense shall conduct an assessment of selected covered acquisition programs to identify vulnerabilities in the supply chain of each program’s electronics and information processing systems that potentially compromise the level of trust in the systems.”
The assessment includes identification and prioritization of vulnerabilities, recommending ways of managing supply chain risk, and identifying lead Department of Defense personnel for developing an integrated strategy for the management of risk throughout the supply chain.
Of critical importance in the military supply chain is the acquisition of electronic components. The goal is to ensure full operational readiness of US military forces. With the heavy reliance on technology to support the US military, the failure of an electronic component could be costly, not just in terms of tax dollars but also in terms of human life.
Repeated through this section is the word “trust“. In fact, it is repeated eight times not including the definitions of the terms “trust” and “trusted” in the last two paragraphs or the title of the section, Trusted Defense Systems.
I think Section 254 can be summarized as follows: Trust, and verify.
And it’s not just the electronic components that require verifiable trust, it’s also the verifiable trust in the “information processing systems” used in the supply chain. (It sounds to me like they’re talking about the computer systems and communication networks.) Verifiable trust needs to also exist in the design and fabrication processes, packaging, assembly, and quality assurance testing.
So, how should verifiable trust in supply chain relationships work? Perhaps true collaboration between trading partners who monitor each other and (immediately) report discrepancies, especially when the necessary goal is 100% accuracy.
This reminds me of a slide in my supply chain fraud presentation, which simply states: “You can outsource manufacturing, but you can’t outsource responsibility.” As opposed to verifiable trust, it would seem that for too long some supply chains have been operating under the concept of blind trust.
Retailers have been establishing their own quality assurance departments to verify that children’s toys are lead free. Verifiable trust could have helped avoid the deaths from tainted pet food. Tainted peanut-based foods may have never made it to the store shelves with just trust that no supplier would purposefully want to damage their reputation by harming the consumers who buy their products. Shouldn’t retailers and grocery stores be able to trust their suppliers to manufacture quality products that, when eaten or used accordingly, will not cause injury or death?
An argument is that this would come at a cost that consumers who must be willing to bear higher prices, or that companies must be willing to accept in terms of higher operating costs that will reduce profit margins, upsetting financial analysts and thus lowering stock prices which will then upset stockholders, especially if it results in lower dividends. But isn’t this a responsibility that a company manufacturing a product should be willing to — if not expected to — bear? Shouldn’t a company be valued more on the quality of its products then the quantity of its profit margin?
Maybe the government got this one right, folks. Maybe we need more verifiable trust in our supply chain relationships, especially the ones involving the products we purchase as consumers. It’s okay to trust, but verify too.