U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST SP 800-161 Rev. 1

Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations

Date Published: May 2022

Supersedes: SP 800-161 (04/08/2015)

Planning Note (05/05/2022):

The guidance from Appendix F, "Response to Executive Order 14028's Call to Publish Guidelines for Enhancing Software Supply Chain Security," is available at NIST's dedicated EO 14028 website.


Author(s)

Jon Boyens (NIST), Angela Smith (NIST), Nadya Bartol (Boston Consulting Group), Kris Winkler (Boston Consulting Group), Alex Holbrook (Boston Consulting Group), Matthew Fallon (Boston Consulting Group)

Abstract

Keywords

acquire; C-SCRM; cybersecurity supply chain; cybersecurity supply chain risk management; information and communication technology; risk management; supplier; supply chain; supply chain risk assessment; supply chain assurance; supply chain risk; supply chain security
Control Families

None selected