Discuss what the process of vendor evaluation should focus on.

What will be an ideal response?

The process of vendor evaluation should particularly focus on identifying any new practices for mitigating the security risks associated with supply chain management. It is vitally important to assure the supply chain, because automated procurement systems have brought a whole new host of Internet-based threats into the supply chain management process. The consequence is that companies who previously never had to worry about being breached through weaknesses in their vendor supply chain now need to have procedures in place to protect themselves from attacks that might originate from their own vendor community. This is not strictly an electronic problem. In order to deal with it, consideration has to be given to potential harm from vendor personnel as well as failures in vendor procedures. Consequently, the SCO role not only has to patrol the company space; it also has to identify all reasonable threats from the people whom the company deals with.