NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage
Search CSRC:

News & Events

{Oct. 2013} -- Note - the deadline to submit comments for the Draft SP 800-161 document has been extended (this link will go to the SCRM Publications page where link to the draft document & template is provided.).

{Aug. 2013} -- NIST announces that Draft Special Publication (SP) 800-161, Supply Chain Risk Management Practices for Federal Information Systems and Organizations, has been released for public comment - can be accessed either by the SCRM Publications page OR the CSRC Drafts page.

{Dec. 2012} -- NIST is pleased to announce a report by the University of Marylandís Supply Chain Management Center: Proof of Concept for an Enterprise ICT SCRM Assessment Package

more news

Contact

General Inquires
scrm-nist@nist.gov

Jon Boyens
Project Lead
boyens@nist.gov
301-975-5549

Celia Paulsen
Technical Lead
celia.paulsen@nist.gov
301-975-5981

News & Events

  • October 21, 2013 -- Due to the recent government shutdown, NIST is extending the comment period for NIST SP 800-161, Supply Chain Risk Management Practices for Federal Information Systems and Organizations. Comments are now due by November 1, 2013.
     
    This document provides guidance to federal departments and agencies on identifying, assessing, and mitigating Information and Communications Technology (ICT) supply chain risks at all levels in their organizations. It integrates ICT supply chain risk management (SCRM) into federal agency enterprise risk management activities by applying a multi-tiered SCRM-specific approach, including supply chain risk assessments and supply chain risk mitigation activities and guidance.
     
    Click here to access the publication and the comments template.
     
  • July 10, 2013 Ė A Summary of the Workshop on Information and Communication Technologies Supply Chain Risk Management held October 15-16, 2012 is now available online .


  • NIST is pleased to announce a report by the University of Marylandís Supply Chain Management Center. The report, which stems from a NIST grant, provides a proof of concept for an information and communication technology supply chain risk management assessment delivered through web site portal. The proof of concept utilizes work from previous NIST grants and features four major functions: an Enterprise Assessment Section; a Library Section; a Forum Section; and, an Initiatives Section.


  • October 25, 2012 -- The presentations from the ICT Supply Chain Risk Management workshop (Oct. 15-16, 2012) are now available here.
     
  • NIST is pleased to announce the release of the NIST Interagency Report (NIST IR) 7622, Notional Supply Chain Risk Management Practices for Federal Information Systems. (Oct. 2012) Click here to view NISTIR 7622.

    This publication is intended to provide a wide array of practices that, when implemented, will help mitigate supply chain risk. It seeks to equip federal departments and agencies with a notional set of repeatable and commercially reasonable supply chain assurance methods and practices that offer a means to obtain an understanding of, and visibility throughout, the supply chain.