NIST Supply Chain Risk Management – Comments Requested
Aug. 16, 2013
SP 800-161
DRAFT Supply Chain Risk Management Practices for Federal Information Systems and Organizations
This document provides guidance to federal departments and agencies on identifying, assessing, and mitigating Information and Communications Technology (ICT) supply chain risks at all levels in their organizations. It integrates ICT supply chain risk management (SCRM) into federal agency enterprise risk management activities by applying a multi-tiered SCRM-specific approach, including supply chain risk assessments and supply chain risk mitigation activities and guidance. NIST requests comments on Draft NIST SP 800-161 by October 15, 2013. Please submit comments to scrm-nist@nist.gov with “Comments NIST SP 800-161” in the subject line. A template for submitting comments is provided below.
Download draft document
Source: OSS