[an error occurred while processing this directive]
Go to previous section of document Link to chapter contents   Go to next section of document

Supply Chain Security

The Postal Service has proprietary assets that contribute to its competitiveness and success as a business. Protecting these assets is critical; however, in order to effectively meet the demands of a secure supply chain in today's environment, a comprehensive and integrated security focus is required, extending beyond asset protection and preventing the introduction of unauthorized contraband, people, and weapons of mass destruction into the supply chain.

The protection of goods and commodities as they travel through the supply chain poses unique challenges. Not only must the Postal Service be concerned about security procedures within our own processes and those of first-tier suppliers, but also they are dependent on the security procedures throughout the entire supply chain. Comprehensive supply chain security requires a partnership involving the Postal Service, supply chain partners, and other government agencies. The Purchase/SCM Team is responsible for complying with Postal Service security policies and procedures outlined in Administrative Support Manual (ASM) 2.7.2, Security, and ensuring that suppliers and supplier personnel are included when complying with security requirements.

In addition, protecting Postal Service information resources and sensitive information (including customer and employee personally-identified information (PII)) is an essential element of supply chain security, specifically when the Postal Service purchases IT or other information processing and information gathering services or when we make purchases that involve the collection or generation of PII. This includes incorporating adequate safeguards to protect the Postal Service's information technology assets and to prevent misuse or improper disclosure of clients and employee's personal information. Therefore, purchase/SCM teams must ensure that specifications or statements of work for IT purchases and associated RFPs and contracts address information security requirements. Additional information on the protection of PII and purchases of IT or other information processing and information gathering services is found in the Information Technology topic of the Commodity Specific Practice. Suppliers that have access to customer or employee data, or operate a customer website, may also be subject to the Postal Service's privacy requirements implementing the Privacy Act. Additional details on privacy considerations can be found in the Privacy Considerations topic of the General Practices.

Other Topics Considered

Material and Property Accountability topic, General Practices

Information Technology topic, General Practices

Privacy Considerations topic, General Practices

Go to previous section of document Link to chapter contents   Go to next section of document