Today, I attended the first ISACA Belgian Chapter meeting of 2009 about the SCOR framework.
SCOR means “Supply Chain Operations Reference” (more information here). It’s a framework and best practices (not an audit methodology) to help enterprise to increase performance and reduce risks of their supply chain. Basically, there are three types of supply chains:
- Stock to order (example: food)
- Make to order (example: car)
- Engineer to order (example: a house)
Patrick Soenen presented a project he worked on: He performed an audit mission for a company which overtook another one. After company “A” bought company “B”, there was two IT departments, two sales team, two orders processes, etc. His mission was to audit the IT part but also the whole supply chain (orders, stock, sales, production, …). The IT was audited using the CobiT framework but what about the supply chain? CobiT is related only to information technology. After investigations, Patrick found information on the Internet about the SCOR framework.
SCOR is endorsed by the Supply Chain Council (members of this council are big manufacturers). Based on five separate processes: plan, source, make, deliver, and return. Each of then can be split into three levels: scope (1st level), configuration (2nd) and details (3rd). Reporting for each level is made to separate level of management (from CIO, CFO to team managers).
Personally, I found the presentation very interesting. IT must be considered as a tool available to the whole company and supply chain is another one. If one of them fails, the whole business will be affected.
The today presentation is available here (registration required).