This open standard is reportedly the first of its kind to help organizations achieve Trusted Technology Provider status, assuring the integrity of COTS ICT products worldwide and safeguarding the global supply chain against the increased sophistication of cyber security attacks.
Specifically intended to prevent maliciously tainted and counterfeit products from entering the supply chain, this first release of the O-TTPS codifies best practices across the entire COTS ICT product lifecycle, including the design, sourcing, build, fulfillment, distribution, sustainment, and disposal phases.
The O-TTPS will enable organizations to implement best practice requirements and allow all providers, component suppliers and integrators to obtain Trusted Technology Provider status. For customers, including government acquirers, O-TTPS can differentiate those providers who adopt the standard's practices. This raises the bar globally by helping the technology industry and its customers to "Build with Integrity, Buy with Confidence."
Tainted and counterfeit products pose significant risk to organizations because altered or non-genuine products introduce the possibility of untracked malicious behavior or poor performance. Both product risks can damage customers and suppliers resulting in failed or inferior products, revenue and brand equity loss, and disclosure of intellectual property. The increase in sophistication of cyber-attacks has forced technology suppliers and governments to take a more comprehensive approach to risk management as it applies to product integrity and supply chain security. Customers are now seeking assurances that their providers are following standards to mitigate the risks of tainted and counterfeit components, while providers of COTS ICT are focusing on protecting the integrity of their products and services as they move through the global supply chain.
