Date Published: June 2015
Author(s)
Jon Boyens (NIST), Celia Paulsen (NIST), Larry Feldman (G2), Gregory Witte (G2)
This bulletin summarizes the information presented in NIST Special Publication (SP) 800-161, Supply Chain Management Practices for Federal Information Systems and Organizations, which provides guidance to federal agencies on identifying, assessing and mitigating ICT supply chain risks at all levels of their organizations.
This bulletin summarizes the information presented in NIST Special Publication (SP) 800-161, Supply Chain Management Practices for Federal Information Systems and Organizations, which provides guidance to federal agencies on identifying, assessing and mitigating ICT supply chain risks at all...
See full abstract
This bulletin summarizes the information presented in NIST Special Publication (SP) 800-161, Supply Chain Management Practices for Federal Information Systems and Organizations, which provides guidance to federal agencies on identifying, assessing and mitigating ICT supply chain risks at all levels of their organizations.
Hide full abstract
Keywords
acquisition; Information and Communication Technology (ICT); risk management; supply chain assurance; supply chain risk; supply chain risk assessment; Supply Chain Risk Management (SCRM); supply chain security
Control Families
Access Control;
Audit and Accountability;
Awareness and Training;
Security Assessment and Authorization;
Configuration Management;
Contingency Planning;
Identification and Authentication;
Incident Response;
Maintenance;
Media Protection;
Personnel Security;
Physical and Environmental Protection;
Planning;
Program Management;
Risk Assessment;
System and Communications Protection;
System and Information Integrity;
System and Services Acquisition;