White Papers
Copyright © 2019 Dell Inc. or its subsidiaries. All Rights Reserved. Dell, EMC and other trademarks are trademarks of Dell Inc. or its subsidiaries
Dell also maintains certification with the United States Customs and Border Patrol’s Customs-Trade
Partnership Against Terrorist (C-TPAT). This logistics security program is recognized as compatible with
similar programs around the world, including the Authorized Economic Operator (AEO), Canada’s Supply
Chain Assurance v4.0 | Dell Inc., 2018 4 Partners in Protection, and Singapore’s Secure Trade Partnership
programs. While the primary focus of these programs is to prevent contraband, the required protections
also guard against tampering with products being imported.
Layer 4: Dell Technologies Supply Chain Security
The goal of Dell’s supply chain security processes is to provide continuous security risk assessment and
improvement. Dell’s Supply Chain Risk Management framework mirrors that of the comprehensive risk
management framework of the National Infrastructure Protection Plan (NIPP), which outlines how
government and the private sector can work together to mitigate risks and meet security objectives. Dell’s
framework incorporates an open feedback loop (see Figure 2) that allows for continuous improvement.
Risk mitigation plans are prioritized and implemented as appropriate throughout the entire solution life
cycle.
Figure 2 Managing the supply chain for Dell Technologies products
The process includes these safeguards by Dell Technologies for the supply chain:
1. Supplier governance by Dell
a. Audits
b. Global Inventory Control Policy
c. Measure suppliers’ security practices against industry best practices for physical security and for
mitigating counterfeit components, tainted software and firmware, and intellectual property theft
d. Quarterly Reviews