U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST IR 8276

Key Practices in Cyber Supply Chain Risk Management: Observations from Industry

Date Published: February 2021

Author(s)

Jon Boyens (NIST), Celia Paulsen (NIST), Nadya Bartol (Boston Consulting Group), Kris Winkler (Boston Consulting Group), James Gimbi (Boston Consulting Group)

Abstract

Keywords

best practices; cyber supply chain risk management; C-SCRM; external dependency management; information and communication technology supply chain risk management; ICT SCRM; key practices; risk management; supplier; supply chain; supply chain assurance; supply chain risk; supply chain risk assessment; supply chain risk management; supply chain security; third-party risk management
Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.IR.8276
Download URL

Supplemental Material:
Cyber SCRM Key Practices and Case Studies

Document History:
02/04/20: IR 8276 (Draft)
02/11/21: IR 8276 (Final)

Topics

Security and Privacy

cybersecurity supply chain risk management

Applications

cybersecurity framework