Supply Chain
Overlay Name: NIST SP 800-161, Supply Chain Risk Management Practices for Federal Information Systems and Organizations
Overlay Publication Date: April 2015
Technology or System: Cyber Supply Chain
Overlay Author: Jon Boyens (NIST), Celia Paulsen (NIST), Rama Moorthy (Hatha Systems), Nadya Bartol (Utilities Telecom Council)
Comments: Identification and augmentation of information and communications technology (ICT) supply chain risk management (SCRM)-related controls in SP 800-53, Revision 4. Refer to Chapter 3 for the ICT SCRM Controls. The audience for this publication is federal agency personnel involved in engineering/developing, testing, deploying, acquiring, maintaining, and retiring Information and Communications Technology (ICT) components and systems.
Overlay Point of Contact: Jon Boyens
Return to Control Overlay Repository Overview
Disclaimer Statement The National Institute of Standards and Technology (NIST) has established the Security Overlay Repository as a public service. Security control overlays are made available by NIST on an “AS IS” basis with NO WARRANTIES Some submitted overlays may be available for free while others may be made available for a fee. It is the responsibility of the User to comply with the Terms of Use of any given overlay. Overlay users are solely responsible for determining the appropriateness of using and distributing the security control overlays. User assumes all risks associated with their use, including but not limited to compliance with applicable laws; damage to or loss of data, programs or equipment; and the unavailability or interruption of operation. NIST MAKES NO WARRANTY OF ANY KIND, EXPRESS, IMPLIED OR STATUTORY, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT AND DATA ACCURACY
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
