U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST SP 800-161

Supply Chain Risk Management Practices for Federal Information Systems and Organizations

Date Published: April 2015

Author(s)

Jon Boyens (NIST), Celia Paulsen (NIST), Rama Moorthy (Hatha Systems), Nadya Bartol (Utilities Telecom Council)

Abstract

Keywords

ICT SCRM; risk management; supplier; supply chain; supply chain risk; supply chain risk management; supply chain assurance; supply chain security; information and communication technology supply chain risk management; acquire
Control Families

Access Control; Awareness and Training; Audit and Accountability; Assessment, Authorization and Monitoring; Configuration Management; Contingency Planning; Identification and Authentication; Incident Response; Maintenance; Media Protection; Physical and Environmental Protection; Planning; Program Management; Personnel Security; Risk Assessment; System and Services Acquisition; System and Communications Protection; System and Information Integrity

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.800-161
Download URL

Supplemental Material:
None available

Document History:
04/08/15: SP 800-161 (Final)