U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

Secure websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to our website. Please do not share sensitive information with us.

This is an archive
(replace .gov by .rip)

NIST's Key Practices in Cyber Supply Chain Risk Management: Observations from Industry--NISTIR 8276
February 11, 2021

NIST announces the release of NISTIR 8276, Key Practices in Cyber Supply Chain Risk Management (C-SCRM): Observations from Industry. This final document provides the ever-increasing community of digital businesses a set of Key Practices that any organization can use to manage cybersecurity risks associated with their supply chains.

The Key Practices presented in this document can be used to implement a robust C-SCRM function at an organization of any size, scope, or complexity. These practices combine the information contained in existing C-SCRM government and industry resources with the information gathered during the 2015 and 2019 NIST research on industry best practices. The Key Practices also include 24 actionable recommendations that synthesize how these practices can be implemented from a people, process, and technology perspective.

Related Topics

Security and Privacy: cybersecurity supply chain risk management

Applications: cybersecurity framework

Created February 11, 2021