Managing the Software Supply Chain

Best practices for managing your software supply chain.

When we produce a software product, that product does not stand in isolation. We must always consider all of the dependencies that we inherit from other providers, and our own role as a dependency to our customers, and their customers in turn.

If we consider the flow of dependencies across this landscape as a ‘software supply chain’, it becomes easier to recognize the fractal nature of the problem space, where similar challenges can be found to repeat at different scales, throughout the supply chain. By applying consistent responses to those challenges, we can simplify out unnecessary complexity and improve overall quality and reliability of our systems.

We look at some common, repeating patterns in the sections below.


Best practices for managing intellectual property in the software supply chain.


Best practices for managing the lifecycle of your software supply chain.

Regulatory Compliance

Best practices for ensuring compliance in your software supply chain.


Best practices for securing your software supply chain.

Last modified April 27, 2022: Added Supply Chain Section (3f486f3)