Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity Supply Chain Risk Management C-SCRM

News and Updates

C-SCRM Guidance: NIST SP 800-161r1
May 5, 2022
NIST has released a revised publication, "Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations," NIST Special Publication 800-161r1.
Second Draft SP 800-161 Rev. 1 Available for Comment
October 28, 2021
A second public draft of Special Publication (SP) 800-161 Revision 1, "Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations," is open for comment through December 10, 2021.
NIST Releases Draft of NIST SP 800-161, Revision 1 for comment
May 10, 2021
Comments Sought on Updates to Cyber Supply Chain Risk Management Practices for Systems and Organizations (Draft NIST SP 800-161, Revision 1)
NISTIR 8276 Key Practices in C-SCRM
February 11, 2021
NIST announces the publication of NISTIR 8276, Key Practices in Cyber Supply Chain Risk Management: Observations from Industry.
Draft NISTIR 8276--Cyber SCRM Key Practices--and Case Studies
February 4, 2020
Draft NISTIR 8276, "Key Practices in Cyber Supply Chain Risk Management: Observations from Industry” is available for comment; the comment period closes March 4, 2020.  Six new Case Studies in Cyber SCRM are also available,...
NISTIR 8179 Criticality Analysis Process Model
April 11, 2018
NIST is releasing NIST Internal Report (NISTIR) 8179, Criticality Analysis Process Model: Prioritizing Systems and Components, to help organizations identify those systems and components that are most vital and which may need...
Cyber Risk Predictive Analytics Project Report
December 1, 2017
NIST is pleased to announce the publication of a report by the University of Maryland’s Supply Chain Management Center titled “The Cyber Risk Predictive Analytics Project”. 
Draft NIST Interagency Report (NISTIR) 8179
July 10, 2017
NIST is seeking comments on Draft NIST IR 8179, Criticality Analysis Process Model.
Leveraging the Cyber Risk Portal as a Teaching & Education Tool
July 17, 2015
NIST is pleased to announce the publication of a report by the University of Maryland’s Supply Chain Management Center titled “Leveraging the Cyber Risk Portal as a Teaching & Education Tool”.
NIST Announces the release of NIST SP 800-161
April 9, 2015
Federal agencies are concerned about the risks associated with information and communications technology (ICT) products and services that may contain potentially malicious functionality, are counterfeit, or are vulnerable due...
Second Draft Special Publication 800-161
June 3, 2014
NIST announces that Draft Special Publication (SP) 800-161, Supply Chain Risk Management Practices for Federal Information Systems and Organizations, has been released for public comment ....
Public Comment: NIST announces that Draft SP 800-161
October 21, 2013
This document provides guidance to federal departments and agencies on identifying, assessing, and mitigating Information and Communications Technology (ICT) supply chain risks at all levels in their organizations. 
SECOND Public DRAFT of NIST Interagency Report 7622
March 23, 2012
NIST announces the second public draft of NIST Interagency Report (NISTIR) 7622, Notional Supply Chain Risk Management Practices for Federal Information Systems. This publication is intended to provide a wide array of...
Created May 24, 2016, Updated October 02, 2024