The Index:
Supply Chain & Third-Party
Terms You Should Know

The global risk landscape is constantly evolving. To stay ahead, it’s important to understand key concepts that will help you stay informed and attuned to the various risks and opportunities that affect your supply chain and third-party ecosystems.


Discover all the essential terms and context you need in our index below as you modernize supply chain and third-party risk management and compliance within your organization. Stay up to date by browsing through our extensive list of informative resources that define and contextualize common terminology and concepts that are essential to supply chain management and third-party risk management.

Alphabetical (select one)


Adoption of artificial intelligence (AI) has exploded in the past year, revolutionizing many industries and their supply chains.


A new law in Canada may be one to add to your monitoring of global regulations to prevent modern slavery in supply chains.

The existence of child labor within global supply chains presents a troubling reality that demands immediate attention, both to save lives and protect your business.

The CHIPS Act established a $52 billion CHIPS for America Fund to invest in the development of semiconductor technology in the United States.

Systems and assets so vital to the United States that their incapacity or destruction would have a debilitating impact on security, national economic security, national public health and/or safety. Examples of critical infrastructure include energy, water, chemicals, nuclear facilities, the Defense Industrial Base, IT companies and cloud service providers.

Attacks can occur at every link in a typical software supply chain, and these kinds of attacks are increasingly public, disruptive, and costly.


The Defense Industrial Base refers to organizations and companies that provide necessary products and services for the sustainment and deployment of U.S. military operations, including defense research and development, manufacturing, weapon systems and sensors.


ESG due diligence is the process of uncovering a company’s ESG (environmental, social, governance) policies and risk factors.

The supply chain risk category known as ESG — environmental, social and governance — spans broad issues like carbon emissions, modern slavery, money laundering, deforestation and more.

The Cybersecurity Executive Order (Executive Order 14028) responds to the growing number of cyberattacks against government agencies, critical infrastructure and other companies.

President Biden’s landmark Executive Order on Artificial Intelligence (EO 14110) marks the first significant policy-making effort by the U.S. government on the important topic of how best to manage the opportunity — and risk — of artificial intelligence.


Financial risk can arise if an organization has poor financial solvency or any history of financial crime among its senior executives. Financial risk indicators can be extracted from sources such as news outlets, social media platforms and financial analysis providers.

Managing foreign ownership, control, or influence (FOCI) risk is a critical concern for U.S. companies.


On June 11, 2021, the German Parliament passed a new law on corporate due diligence in supply chains called Lieferkettengest, or the German Supply Chain Due Diligence Act (GSCA).


An HBOM is a systematic structure comprising clearly defined data fields that outline the components of a hardware product and its attributes. It enables organizations to identify potential economic and security risks associated with equipment components that may be compromised, untrusted, and subject to availability risks.


One benefit a robust supply chain management practice for your enterprise can deliver is cost savings. And one of the main drivers of this efficiency is material demand aggregation.

Modern slavery in supply chains refers to the exploitation and forced labor practices that occur within global networks. To eradicate modern slavery, governments are taking the initiative to make organizations accountable for all activities in their supply chains that might involve human rights abuses.


When it comes to regulatory compliance, every business should know the Office of Foreign Assets Control (OFAC) and its sanctions.

Operational risk spans a wide variety of different categories, including geopolitical and geoeconomic risk, the climate variability impact on the physical location of an organization, counterfeits, and potential alternative suppliers.


A politically exposed person refers to an individual who holds a prominent public position or function. Due to their role, the individual is considered more likely to engage in acts of bribery or corruption.

Procurement risks occur when the process of purchasing or sourcing products, services or resources becomes unreliable.

Product risk occurs when there’s a lack of transparency in your supply chain due to siloed data, incompatible systems across an enterprise, or the outsourcing of parts and raw materials.


RCR risks can arise when an organization’s suppliers fail to comply with applicable laws and regulations or neglect due diligence during their onboarding process.


Sanctions are a type of economic pressure used by governments and international bodies to protect security interests and international law against aggressive actions or threats to international peace and security.

A Software Bill of Materials (SBOM) is an organized list that offers an in-depth description of the open-source and proprietary components, like modules, libraries and other software artifacts, within a software package.

As your company strives to reduce its carbon footprint, you can’t ignore the supply chains that are part of your business.

As part of the 2019 National Defense Authorization Act (NDAA), Section 889 has significant implications for acquisition and procurement executives, government contractors and suppliers, particularly those involved in the telecommunications equipment and services sector.

Supply chain resilience is the ability to withstand, absorb and recover from a shock or disruption in the supply chain ecosystem without hindering organizational growth.

Supply Chain Risk Management involves a multi-faceted and dynamic landscape of risk vectors and opportunities that must be consistently assessed and constantly updated to reflect the many macro supply chain risk drivers, from geopolitical risk, trade wars and industrial espionage to modern slavery and climate change.

The quickly evolving landscape of supply chain risk management (SCRM) requires organizations to develop strong programs that can anticipate and mitigate a variety of risks.

An end-to-end view of all tiers and entities in the supply chain as well as material-inputs — metals, plastics, chemicals, electronics, etc. — that flow into the parts, products, and equipment in the supply chain.


The Exiger Third Party & Supply Chain Risk Management Maturity Model is designed to help managers assess their organization’s capabilities with respect to managing supply chain risk.

A type of risk management that focuses on identifying, assessing and mitigating risks that arise from relationships with third-party suppliers, vendors and partners.


The Uyghur Forced Labor Prevention Act (UFLPA) took effect in the United States on June 21, 2022 to prohibit importation of goods into the United States that were produced by forced labor in the Xinjiang Uyghur Autonomous Region (XUAR) of China.

The UK Modern Slavery Act is a sweeping piece of legislation that seeks to regulate and address the issues of modern-day slavery in business operations and their global supply chains.

The person who ultimately owns or controls a legal entity is known as the ultimate beneficial owner or UBO.


The Uyghur Forced Labor Prevention Act (UFLPA) took effect in the United States on June 21, 2022 to prohibit importation of goods into the United States that were produced by forced labor in the Xinjiang Uyghur Autonomous Region (XUAR) of China.

Demo The
Exiger Platform