More than two decades after 9/11, international organizations have promoted programs to manage supply chain security risks, such as the C-TPAT program of U.S. CBP, BASC, the Authorized Economic Operator (AEO) of the WCO, and the ISO 28000 standard. Assessing the maturity of these initiatives is essential to measure security levels in certified companies and to identify opportunities for improvement, particularly in Latin America and the Caribbean. For this purpose, a systematic literature review (2004–2025) was conducted in Scopus, WoS, Google Scholar, and SciELO. A total of 18 maturity models related to supply chain risk management were identified, of which only two specifically focus on security. The analysis contextualized maturity models, their conceptual foundations, and their origin in the Capability Maturity Model developed by the Software Engineering Institute in 1986, as well as their expansion into diverse fields, with 1,331 publications registered during the reviewed period. Most models employ self-assessment and continuous improvement approaches, incorporating elements of resilience and sustainability. It was found that 56% of the models adopt five maturity levels, with common dimensions such as leadership, risk management, external collaboration, visibility, culture, and technology. Based on these findings, a proprietary model was designed with five levels and eight dimensions, aligned with international security programs, providing both theoretical and practical foundations to strengthen security management in supply chains.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Maturity Model for Supply Chain Security Management

  • Pablo Emilio Mora Lozano,
  • Juan Pedro Sepúlveda Rojas,
  • Jairo R. Montoya-Torres

摘要

More than two decades after 9/11, international organizations have promoted programs to manage supply chain security risks, such as the C-TPAT program of U.S. CBP, BASC, the Authorized Economic Operator (AEO) of the WCO, and the ISO 28000 standard. Assessing the maturity of these initiatives is essential to measure security levels in certified companies and to identify opportunities for improvement, particularly in Latin America and the Caribbean. For this purpose, a systematic literature review (2004–2025) was conducted in Scopus, WoS, Google Scholar, and SciELO. A total of 18 maturity models related to supply chain risk management were identified, of which only two specifically focus on security. The analysis contextualized maturity models, their conceptual foundations, and their origin in the Capability Maturity Model developed by the Software Engineering Institute in 1986, as well as their expansion into diverse fields, with 1,331 publications registered during the reviewed period. Most models employ self-assessment and continuous improvement approaches, incorporating elements of resilience and sustainability. It was found that 56% of the models adopt five maturity levels, with common dimensions such as leadership, risk management, external collaboration, visibility, culture, and technology. Based on these findings, a proprietary model was designed with five levels and eight dimensions, aligned with international security programs, providing both theoretical and practical foundations to strengthen security management in supply chains.