How the CIA Implements Risk Mitigation Across Procurement

Share this article
Share this article
Prioritise Us on Google
Clinton West, Former Director of Supply Chain Risk at the CIA
As risk mitigation and business resilience is becoming a top priority amid disruption, the CIA demonstrates how businesses can avoid risk in procurement

As geopolitical instability and cyber threats create increasing disruption, procurement leaders are looking for new ways to build resilience.

For the Central Intelligence Agency (CIA), protecting US national security involves robust risk management deeply integrated into its supply chain and acquisition processes.

Its expertise in security provides a framework for trade and supply chain risk mitigation.

Youtube Placeholder

Integrating SCRM into procurement

Supply chain risk has become a high priority. The growing number of cyberattacks on public and private organisations highlights the need for secure systems to prevent disruption to global supply chains. For procurement departments, the challenge is embedding risk mitigation from the first step of the acquisition process.

Many organisations face difficulties applying the right technology to the correct processes, rendering their protective measures inefficient. Adopting techniques from cybersecurity advisories and law enforcement helps organisations protect their operations and reduce supplier risk.

The CIA, as part of the US Intelligence Community (IC), integrates supply chain risk management (SCRM) into all of its operations. This approach includes the acquisition processes for mission-critical products materials and services to ensure supply chain integrity and counter intelligence threats. This strategy begins at the procurement stage, ensuring security is a foundational part of the entire lifecycle.

The CIA conducts regular and mandatory risk assessments. These assessments address threats from contractors and vendors, vulnerabilities in acquisitions and potential impacts on missions. This demonstrates a procurement-led approach to security, where vetting and managing third-party risk is not an afterthought but a primary function.

The CIA is the US' first line of defence (US Capitol Building | Credit: Getty)

A collaborative framework for risk

The Intelligence Community Directive (ICD) 731 is designed to protect the supply chain lifecycle. It functions as a collaborative directive working with other SCRM systems throughout the US Government. Within the CIA, collaboration is central to its risk mitigation strategy.

Experts from acquisition, counterintelligence (CI), information assurance, logistics and security all participate in managing supply chain risk. This is overseen by the Director of National Intelligence (DNI) who ensures best practices are followed and implements relevant training. This collaborative model suggests a potential framework for businesses where procurement works cross-functionally with IT, security and logistics to create a unified defence against supply chain threats.

Youtube Placeholder

From national security to corporate strategy

The Supply Chain Risk & Resilience Summit at PSC LIVE: The US Summit will explore risk mitigation strategies. At this panel, leaders will explore strategies on how to build supply chain resilience while navigating global disruptions.

Clinton West, Former Director of Supply Chain Risk at the CIA, has more than 25 years of experience in national security, defence and intelligence. Today, as the Senior Director of Advanced Systems at Exiger, he leads the integration of advanced technologies and AI to build secure resilient supply chains.

Having advised leaders at the Department of Defence, the Office of the Director of National Intelligence, and Congress, Clinton has a deep understanding of intelligence and global risk management.

"I’m looking forward to speaking at the Procurement & Supply Chain LIVE: The US Summit 2026 because it’s a rare opportunity to bring real-world lessons from Afghanistan and Ukraine into a conversation the entire industry needs to hear," Clinton says.

"Today’s leaders are being asked to manage risks that move faster and cut deeper than ever before. If sharing what I’ve seen on the front lines, both as CIA’s Director of Supply Chain Risk and across global logistics operations, helps even one organisation strengthen its resilience then the conversation is worth having.”

Youtube Placeholder

Procurement & Supply Chain LIVE: The US Summit

Procurement & Supply Chain LIVE: The US Summit takes place April 21-22, bringing together senior procurement and supply chain leaders focused on innovation, strategy and transformation in their organisations. Co-located with Sustainability LIVE: The US Summit, the event provides a comprehensive view of procurement and supply chain’s evolving role in driving business value and sustainability.

It will also feature the inaugural US awards, which will be presented during a black-tie gala dinner at Navy Pier, uniting the leaders driving procurement and supply chain excellence across the US and Canada.

The awards ceremony will take place following Day 1 of the US Summit.  

The event takes place at Chicago's Navy Pier on 21-22 April 2026. Early bird tickets are available here.

Executives