Abstract Information security is becoming an increasingly critical concern for organizations with IT infrastructures. The assets of an organization are vulnerable to both internal and external security threats, which exploit potential vulnerabilities, whether identified or not. As a result, effective Risk Management is essential to safeguard data and assets. In the digital age, where individuals are constantly connected to the internet and share personal information, the likelihood of cyber-attacks and threats is significantly higher. The COVID-19 pandemic has further amplified cybersecurity risks within organizations. In response, many organizations have turned to IT outsourcing, accelerating digital adoption to recover and build resilience against future disruptions. However, organizations now face increased concerns regarding potential risks linked to products or services that are outsourced, as they often have limited visibility into the technology they acquire. This paper researches the field of Supply Chain Risk Management (SCRM) and explores the threats, vulnerabilities, and risks faced by SCRM, to identify its criticality in today’s digital world. Also, it identifies the methods, principles, and standards available for managing risks for different types of suppliers and service providers in the supply chain. Finally, it emphasizes the need for further research and development in the SCRM field, to address the evolving challenges.
Latsiou et al. (Thu,) studied this question.