Executive Order 14017 on Supply Chains — February 24, 2021

Executive Order 14017 directs sweeping supply-chain diagnostics across semiconductors, large-capacity batteries, critical minerals, pharmaceuticals, and six industrial bases to expose chokepoints, security gaps, and over-concentration risks, then mandates mitigation roadmaps, onshoring incentives, and allied coordination.

What the order requires and why it matters now

The order tasks the White House, Department of Defense (DoD), Department of Commerce (DoC), Department of Energy (DOE), and Department of Health and Human Services (HHS) with parallel 100-day reviews for semiconductors, high-capacity batteries, critical minerals, and pharmaceuticals, while directing one-year sectoral assessments for defense, public health, information and communications technology (ICT), energy, transportation, and agriculture industrial bases.

Each report must map critical goods, identify single points of failure, quantify foreign dependency, evaluate cyber and physical risks, and recommend concrete risk-mitigation actions (diversification, stockpiling, re-shoring, supplier qualification, and R&D investments). Agencies must also engage industry to gather proprietary data under appropriate confidentiality protections to avoid superficial or incomplete mapping.

The EO elevates national and economic security by linking supply-chain fragility to cybersecurity, trade, and export controls. It explicitly calls for scenario modeling of disruptive events (pandemics, cyber incidents, extreme weather, geopolitical shocks) and asks agencies to evaluate the adequacy of authorities like the Defense Production Act (DPA), International Emergency Economic Powers Act (IEEPA), and Title III incentives. The order also signals tighter use of procurement levers (for example, Buy American waivers) and coordination with allies to avoid duplicative stockpiles and to reinforce mutual assurance for critical inputs.

Implementation expectations for technology, operations, and risk leaders

• Inventory and mapping. Build or refresh a multi-tier bill-of-materials (BOM) for semiconductors, batteries, critical minerals, and pharmaceutical precursors in your products and services. Include die/package sources, fabrication nodes, foundry geographies, precursor chemicals, rare earth elements, API suppliers, contract manufacturers, logistics corridors, and sole-source vendors. Align the schema with the EO focus sectors to accelerate government data calls.
• Scenario design and stress testing. Run at least three disruption scenarios per EO category: (1) 6–12 month foundry outage at a leading-edge node; (2) shipping lane closure or export ban affecting cathode/anode materials; (3) cyber compromise of a pharmaceutical contract manufacturer. Quantify revenue-at-risk, recovery time objectives, and substitution options.
• Resilience controls. Establish dual-sourcing where feasible, qualify second-source fabs, and negotiate buffer inventory for advanced nodes. For batteries, validate supplier traceability for cobalt, lithium, and nickel to support both compliance (for example, U.S. EV credit rules) and resiliency. For pharmaceuticals, implement vendor validation for current Good Manufacturing Practice (cGMP) compliance and continuous temperature monitoring in cold-chain logistics.
• Governance and board reporting. Form a cross-functional supply-chain risk council (procurement, engineering, security, legal, trade compliance) that meets quarterly to track EO-driven risks and mitigation milestones. Present quantified exposure (single/dual-source concentration), time-to-recovery, and alignment with government incentives (for example, CHIPS Act funding, DPA Title III awards) to the board risk committee.
• Cybersecurity and data-sharing safeguards. Harden supplier access (SBOM exchanges, EDI links, shared PLM systems) with MFA, TLS mutual authentication, and data minimization. If contributing data to agency assessments, classify information, apply NDAs, and ensure only necessary operational details are provided through designated secure channels.

How to align with the federal review timeline

Near term (0–90 days). Identify products reliant on 28 nm-and-below nodes, advanced packaging, or specialty analog components; map current wafer starts by geography and foundry; and quantify safety stock. For batteries, map cathode/anode supply, electrolyte sources, separator film providers, and gigafactory capacity dependencies. For pharmaceuticals, tag all active ingredients and critical excipients by country-of-origin and assess whether any single-site dependencies exist. Deliver internal briefings that mirror the EO’s analytical categories so submissions can be repurposed if agencies request data.

Medium term (90–180 days). Design substitution strategies (for example, redesigns to older nodes), pre-negotiate surge capacity with contract manufacturers, and run tabletop exercises with vendors on logistics disruptions and cyber incidents. Align capital requests with available grants or tax credits, and document environmental and labor compliance for potential onshoring projects. Build dashboards tracking time-to-recovery and diversification progress for board oversight.

Long term (180–365 days and beyond). Participate in public comment processes on draft agency reports, scrutinize any proposed export-control or procurement changes for contract impacts, and prepare to certify compliance with supplier-diversification or transparency expectations that may be embedded into future federal acquisition regulations. For multinational operations, coordinate with EU, UK, and Japanese partners pursuing parallel resilience strategies to avoid conflicting localization or reporting obligations.

Checklist

1. Stand up a supply-chain mapping workstream aligned to the EO sectors with clear data owners.
2. Complete at least three disruption tabletop exercises per category (semiconductors, batteries, critical minerals, pharmaceuticals) and document recovery plans.
3. Engage priority suppliers to validate capacity, business continuity, and cybersecurity controls; embed SBOM and incident-notification clauses in contracts.
4. Coordinate with finance to model capital needs and available incentives (CHIPS grants, DPA Title III, tax credits) to support diversification or onshoring.
5. Establish quarterly board reporting on concentration metrics, time-to-recovery, and alignment with emerging federal requirements.

Metrics, documentation, and external engagement

Track measurable indicators to show progress: percentage of components with dual sourcing, median time-to-recovery for critical parts, percentage of suppliers under cybersecurity due diligence, and proportion of spend tied to U.S.-allied geographies. Maintain documentation packages—including BOMs, facility maps, alternative supplier lists, and contractual SLAs—so they can be furnished quickly to Commerce or Defense if voluntary data calls arise.

Engage industry associations (for example, Semiconductor Industry Association, Advanced Battery Consortium, Pharma supply-chain groups) to benchmark assumptions and advocate for pragmatic timelines. When commenting on draft recommendations, highlight the interoperability of U.S. standards with EU, UK, and Japanese regimes to minimize conflicting localization or reporting burdens.

Data quality and supplier validation. Require suppliers to attest to factory locations, sub-tier dependencies, and disaster recovery capabilities; validate with geo-coding and sanctions screening. Where suppliers refuse transparency, flag as elevated residual risk and incorporate into executive decisioning for redesign or substitution.

Financing and incentives navigation. Build a registry of applicable grants (for example, CHIPS Act manufacturing, DOE battery initiatives) and tax credits, with owner assignments to pursue applications that align with the mitigation roadmap. Track compliance obligations tied to incentives—environmental reviews, labor standards, or domestic-preference covenants—and bake them into project schedules.

You may also find useful

Hand-picked articles on adjacent topics.

Infrastructure · Credibility 71/100 · February 24, 2021

EO 14017 launches U.S. supply chain review

Biden ordered a 100-day review of critical supply chains on February 24, 2021. Semiconductors, critical minerals, batteries, and pharmaceuticals—the shortages exposed by COVID made this a priority. This EO kicked off the…

Infrastructure · Credibility 91/100 · February 10, 2022

Infrastructure Resilience — Infrastructure

Global infrastructure operators reviewing 2020–2022 resilience policy shifts must knit pandemic-era access controls, energy market reforms, supply-chain mandates, and U.S.-EU investment programs into a unified capital…

Infrastructure · Credibility 71/100 · August 9, 2022

CHIPS and Science Act signed into U.S. law

$52 billion to bring semiconductor manufacturing back to America. The CHIPS and Science Act is the biggest industrial policy move in decades. Intel, TSMC, Samsung—they are all building fabs on U.S. soil now. If you are…

Infrastructure · Credibility 87/100 · April 11, 2024

NTIA Awards $420 Million for Open and Resilient Wireless Networks

NTIA issued $420 million in Public Wireless Supply Chain Innovation Fund awards to accelerate open RAN testing, interoperability, and security.

Infrastructure · Credibility 87/100 · April 22, 2025

AWS and Cloud infrastructure

AWS shared their 2025–2027 infrastructure roadmap. New availability zones, sovereign cloud regions, and better continuity options are coming. If you are planning long-term cloud architecture, factor this in.

Continue in the Infrastructure pillar

Return to the hub for curated research and deep-dive guides.

Visit pillar hub

Latest guides

• Infrastructure Resilience Guide

  Coordinate capacity planning, supply chain, and reliability operations using DOE grid programmes, Uptime Institute benchmarks, and NERC reliability mandates covered here.

• Edge Resilience Infrastructure Guide

  Engineer resilient edge estates using ETSI MEC standards, DOE grid assessments, and GSMA availability benchmarks documented here.

• Infrastructure Sustainability Reporting Guide

  Produce audit-ready infrastructure sustainability disclosures aligned with CSRD, IFRS S2, and sector-specific benchmarks curated here.

Documentation

1. Executive Order 14017 — America’s Supply Chains — presidency.ucsb.edu
2. DCPD-202100165 — Executive Order 14017 — govinfo.gov
3. ISO/IEC 27017:2015 — Cloud Service Security Controls — International Organization for Standardization