U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

Cyber Supply Chain Risk Management C-SCRM

Federal Cyber Supply Chain Risk Management Forum

The Federal C-SCRM Forum fosters collaboration and the exchange of cyber supply chain risk management (C-SCRM) information among federal organizations to improve the security of federal supply chains.

Through periodic meetings and informal exchanges, the Forum offers all agencies that depend upon or guide C-SCRM an opportunity to discuss issues of interest with – and to inform – many of those leading C-SCRM efforts in the federal ecosystem, including the Office of Management and Budget (OMB), the Department of Defense (DOD), the Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), the General Services Administration (GSA), and the National Institute of Standards and Technology (NIST). The Forum is hosted by NIST.

The Forum is open to all federal employees (and direct contract support) who have a dedicated and recurring responsibility for performing one or more C-SCRM functions. Participation is highly encouraged for personnel with C-SCRM roles and responsibilities, across a broad spectrum of discipline areas, including but not limited to: acquisition, information technology management, software development, engineering, information security, legal, enterprise risk management, logistics, and mission/program officials.  


  • Offer an ongoing opportunity for federal practitioners of C-SCRM to strengthen their relationships and share information with peers and policy makers
  • Build upon the experience and lessons learned from others, and gain greater situational awareness across multiple domains by drawing on a large pool of diverse expertise
  • Promote awareness and a common understanding of C-SCRM terms, authorities, functions, and key roles and responsibilities
  • Facilitate the dissemination of useful C-SCRM aids, templates, and reference materials
  • Increase knowledge and capabilities by providing a venue wherein participants can learn about the latest advancements in cyber supply chain standards, practices, tools, and technologies
  • Increase transparency and streamline efforts by identifying areas of common need and promoting the development and use of viable, common solutions and shared services
  • Inform OMB, DOD, CISA, ODNI, GSA, and NIST priorities, policies, tools, and guidance for federal work on C-SCRM

Federal C-SCRM Forum Participation & Email ListServ Information

Created May 24, 2016, Updated September 21, 2021