U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Projects Cybersecurity Supply Chain Risk Management

Cybersecurity Supply Chain Risk Management C-SCRM

Publications

The following NIST-authored publications are directly related to this project.

Series & Number Title Status Released
SP 800-161 Rev. 1 (Draft) Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations (2nd Draft) Draft 10/28/2021
SP 800-161 Rev. 1 (Draft) Cyber Supply Chain Risk Management Practices for Systems and Organizations Draft 04/29/2021
NISTIR 8276 Key Practices in Cyber Supply Chain Risk Management: Observations from Industry Final 02/11/2021
NISTIR 8272 Impact Analysis Tool for Interdependent Cyber Supply Chain Risks Withdrawn 08/25/2020
NISTIR 8179 Criticality Analysis Process Model: Prioritizing Systems and Components Final 04/09/2018
ITL Bulletin Increasing Visibility and Control of Your ICT Supply Chains Final 06/15/2015
White Paper Final Report: Leveraging the Cyber Risk Portal as A Teaching & Education Tool Final 06/10/2015
NISTIR 8041 Proceedings of the Cybersecurity for Direct Digital Manufacturing (DDM) Symposium Final 04/10/2015
SP 800-161 Supply Chain Risk Management Practices for Federal Information Systems and Organizations Final 04/08/2015
White Paper Summary of the Workshop on Information and Communication Technologies Supply Chain Risk Management, National Institute of Standards and Technology, October 15-16, 2012 Final 07/10/2013
White Paper Proof of Concept for an ICT SCRM Enterprise Assessment Package Final 12/01/2012
ITL Bulletin Practices for Managing Supply Chain Risks to Protect Federal Information Systems Final 11/27/2012
NISTIR 7622 Notional Supply Chain Risk Management Practices for Federal Information Systems Final 10/16/2012
White Paper The ICT SCRM Community Framework Development Project: Final Report Final 12/01/2011
White Paper Assessing SCRM Capabilities and Perspectives of the IT Vendor Community: Toward a Cyber-Supply Chain Code of Practice Final 04/01/2011

Contacts

Supply Chain General Inquiries
scrm-nist@nist.gov

Jon Boyens - Project Lead
boyens@nist.gov
301-975-5549

Angela Smith - Technical Lead
angela.smith@nist.gov

Jeff Brewer
jeffrey.brewer@nist.gov

sw.assurance Google Group
sw.assurance@list.nist.gov

Created May 24, 2016, Updated November 30, 2021