Although efforts have been made to standardize Supply Chain (SC) security risk assessment, there is a lack of targeted methodologies. In this paper, we propose Medusa, an SC risk assessment methodology compliant with ISO 28001. Medusa can be used to assess the overall risk of the entire supply chain. The derived overall risk values are used to generate a baseline SC security policy, identifying the least necessary security controls for each participant in the SC. In addition, Medusa assesses the risk of cascading threat scenarios within an SC. This enables the SC participants to fine-tune their security policies according to their business role as well as their dependencies.
Polemi, N., & Kotzanikolaou, P. (2015). Medusa: A supply chain risk assessment methodology. In Communications in Computer and Information Science (Vol. 530, pp. 79–90). Springer Verlag. https://doi.org/10.1007/978-3-319-25360-2_7