NIST announces that Draft Special Publication (SP) 800-161, Supply Chain Risk Management Practices for Federal Information Systems and Organizations, has been released for public comment
October 21, 2013

Draft Special Publication 800-161 provides guidance to federal departments and agencies on identifying, assessing, and mitigating Information and Communications Technology (ICT) supply chain risks at all levels in their organizations. It integrates ICT supply chain risk management (SCRM) into federal agency enterprise risk management activities by applying a multi-tiered SCRM-specific approach, including supply chain risk assessments and supply chain risk mitigation activities and guidance. 
 
Due to the recent government shutdown, NIST is extending the comment period for NIST SP 800-161 by 14 days.  Comments are now due by November 1, 2013. Please submit comments to scrm-nist@nist.gov with "Comments NIST SP 800-161" in the subject line. 
 

Created December 22, 2016, Updated June 22, 2020