There is a great demand from federal departments and agencies for supply chain risk management (SCRM) guidance. However, the ICT supply chain discipline is in an early stage of development with diverse perspectives on foundational ICT supply definitions and scope, disparate bodies of knowledge, and fragmented standards and best practice efforts. Additionally, there is a need to identify the available and needed tools, technology, and research related to ICT supply chain risk and better understand their benefits and limitations. All interested stakeholders are invited to participate. Results of this workshop will help direct future NIST efforts in the area of ICT SCRM.