Information assurance within supply chains’ structures and processes.
Loading...
Date
2017
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Organisations are challenging the traditional linear-based market model which is characterised by
a straight line movement of goods and services. As a result, they are increasingly forming and
moving towards a value web of supply chain network that connects a whole ecosystem of trading
partners. These networks, which are mostly complex and dynamic, are creating a global market
environment in which organisations no longer focus only on their immediate suppliers and
customers, but also on the optimization and the smooth flow of information, funds and materials,
within their respective direct and remote trading networks.
The large number of participants within most supply chain networks has necessitated that these
networks be agile and resilient. For supply chain networks to be agile and resilient, and for supply
chains’ structures, processes and resources to be synchronized and integrated, the organisations
within the supply chain must share information. Hence, in today’s supply chains, interests are
moving towards obtaining the most benefits from information. In order to obtain these benefits
from information, organisations are making use of information systems and their related
technologies to acquire, process and adequately share information. These systems are making it
possible for organisations to form strategic partnerships within the supply chain networks.
The global market environment is causing supply chains to expand, and the expansion is exposing
information to various security vulnerabilities and risks. The exposure of information to different
vulnerabilities and risks is forcing trading partners to seek assurance that the information within
their supply chain network is adequately protected and also performs as advertised. To understand
how the assurance sought by trading partners can be provided, this study investigated information
and information systems’ security within supply chains’ structures and processes. The study also
investigated how information assurance objectives (i.e. confidentiality, integrity, availability,
authentication and non-repudiation) can be achieved optimally within supply chains. Finally, the
study proposes an information assurance model, which if adopted by decision makers, could
enable them sustain their respective functions and processes within the supply chain network.
In order to achieve the objectives of this study, the exploratory design and the case study approach
were adopted in this study. The study also adopted the qualitative research method, and hence,
semi-structured interviews were conducted, and served as the primary means of data collection.
Participants in this study were drawn from two categories of organisations, which are supply chain
and logistics organisations, and Information Technology (IT) consulting organisations. Therefore,
the purposive sampling method was adopted in this study. An inductive approach was adopted in
the analysis of data, and as a result, thematic analysis was adopted as the analysis method. The
main outcome of the study is the proposed information assurance model that can enable decision
makers sustain their respective functions and processes within the supply chain network.
Description
Doctoral degree. University of KwaZulu-Natal, Durban.