In March 2025, the Department of Defense (DoD) released version 2.1 of its Supply Chain Risk Management (SCRM) Taxonomy, a standardized framework for categorizing, assessing, and communicating risks across the DoD community to support efforts to secure the U.S. defense supply chain.
The new version is intended to increase the framework’s clarity and reduce complexity and redundancy by incorporating feedback received from SCRM stakeholders since the framework’s introduction in late 2022.
Here is a summary of the risks included in the revised framework and an overview of how Sayari’s products can help the DoD community mitigate these risks.
Overview of DoD SCRM risk categories
Here are some of the risk categories included in the framework:
| Risk Category | Description |
| Regulatory & Compliance | Risks from shifts in legal or policy frameworks that can negatively affect businesses. Extends to a supplier’s failure to adhere to laws and agreements, including those related to national security, ethical practices, and fraud. |
| Manufacturing & Supply | Risks from supplier or market sector’s inability to meet demand due to capacity limitations, production delays, and material disruptions. Also includes risks associated with supply availability, surge capacity, and over-reliance on single sources. |
| Foreign Ownership, Control, or Influence (FOCI) | Risks from a foreign entity wielding power over a company’s operations, potentially leading to unauthorized access to sensitive information or negatively impacting national security contracts and programs. |
| Political | Risks from political instability, weak governance, or broad political conditions (for example, civil unrest or corruption) that could lead to disrupted supply chains, increased business costs, or changed competitive landscapes. |
| Financial | Risks resulting from a supplier’s inability to generate sufficient revenue to meet financial obligations, potentially leading to contractual failures, hostile takeovers, or bankruptcy. |
| Product Quality & Design | Risks involving inherent flaws in items, including counterfeit or non-standard goods, that cause them to fail performance and quality specifications, potentially jeopardizing system function and safety, increasing maintenance costs, and hindering operational capacity. |
| Infrastructure | Risks pertaining to the availability and functionality of essential facilities and systems supporting an industry and its supply chains, including their protection from physical and cyber threats. |
>> See how Sayari’s State-Owned Enterprise risk factor exposed ownership details <<
How Sayari mitigates risks identified in the DoD SCRM Taxonomy
The DoD SCRM framework calls for proactive supply chain risk management to ensure supply chain resilience and mitigate risk to national security. In response, defense supply chain professionals must perform more rigorous due diligence on potential and existing suppliers.
Sayari provides proactive supply chain risk management for government and industry. Sayari’s real-time negative news coverage, 200+ core risk factors that enable automated flagging of risk, and financial data deliver unparalleled insight into entities to help supply chain professionals uncover and mitigate risk. In addition, Sayari products deliver full visibility into the context and provenance of sourcing to support further analyses and reporting.
>> Learn how Sayari helps teams identify and assess direct and upstream supplier risk <<
Here are highlights of how Sayari supports DoD SCRM investigations across three of the framework’s risk categories and subcategories:
- Regulatory & Compliance: Sayari’s real-time negative news coverage and risk factors help investigators mitigate threats arising from suspension or debarment; contractor misconduct; procurement and government fraud; import/export violation; Security & Exchange Commission (SEC) enforcement; use of conflict minerals and raw materials; human rights violations; trafficking in persons; worker health and safety violations; pending change in statutes, policies, or regulations; and contractor non-compliance.
- Foreign Ownership, Control, or Influence (FOCI): Sayari’s risk factors identify threats associated with cross-border merger and acquisition regulations, veiled corporate ventures, foreign intelligence entities (FIEs), nationalization actions, and foreign state-owned enterprises.
- Financial: Financial data within Sayari helps investigators mitigate risks arising from operational inefficiency, low liquidity, insolvency, bankruptcy, lack of funding sources, costs overruns, a company’s reliance on defense contracts, and cyclical effects on a company’s investment returns or profits.
To learn more about how Sayari can help your sourcing and procurement team identify and mitigate risks outlined in the DoD SCRM Taxonomy, request a personalized demo.
