Because the Intelligence Community utilizes commercial products including those that may be manufactured abroad, it could be vulnerable to threat or compromise through its supply chain. Intelligence Community Directive 731 issued by Director of National Intelligence James Clapper on December 7 establishes IC policy on “Supply Chain Risk Management.”
“Many IC mission-critical products, materials, and services come from supply chains that interface with or operate in a global marketplace. A greater understanding of the risks inherent in the IC’s participation in the global market place is crucial to safeguarding our nation’s intelligence sources, methods, and activities,” the Directive said.
“Supply chain risk management is the management of risk to the integrity, trustworthiness, and authenticity of products and services within the supply chain.”
“It addresses the activities of foreign intelligence entities … and any other adversarial attempts aimed at compromising the IC supply chain, which may include the introduction of counterfeit or malicious items into the IC supply chain,” the Directive said.