Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Projects Cybersecurity Supply Chain Risk Management

Cybersecurity Supply Chain Risk Management C-SCRM

Publications

The following NIST-authored publications are directly related to this project.

Series & Number Title Status Released
SP 800-161 Rev. 1 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations Final 05/05/2022
Other Software Security in Supply Chains Final 05/05/2022
IR 8276 Key Practices in Cyber Supply Chain Risk Management: Observations from Industry Final 02/11/2021
IR 8272 Impact Analysis Tool for Interdependent Cyber Supply Chain Risks Withdrawn 08/25/2020
IR 8179 Criticality Analysis Process Model: Prioritizing Systems and Components Final 04/09/2018
ITL Bulletin Increasing Visibility and Control of Your ICT Supply Chains Final 06/15/2015
Other Final Report: Leveraging the Cyber Risk Portal as A Teaching & Education Tool Final 06/10/2015
IR 8041 Proceedings of the Cybersecurity for Direct Digital Manufacturing (DDM) Symposium Final 04/10/2015
SP 800-161 Supply Chain Risk Management Practices for Federal Information Systems and Organizations Withdrawn 04/08/2015
Other Summary of the Workshop on Information and Communication Technologies Supply Chain Risk Management, National Institute of Standards and Technology, October 15-16, 2012 Final 07/10/2013
Other Proof of Concept for an ICT SCRM Enterprise Assessment Package Final 12/01/2012
ITL Bulletin Practices for Managing Supply Chain Risks to Protect Federal Information Systems Final 11/27/2012
IR 7622 Notional Supply Chain Risk Management Practices for Federal Information Systems Final 10/16/2012
Other The ICT SCRM Community Framework Development Project: Final Report Final 12/01/2011
Other Assessing SCRM Capabilities and Perspectives of the IT Vendor Community: Toward a Cyber-Supply Chain Code of Practice Final 04/01/2011

Contacts

Supply Chain General Inquiries
scrm-nist@nist.gov

Jon Boyens - Project Lead - NIST
boyens@nist.gov
301-975-5549

Rebecca McWhite - Technical Lead - NIST
rebecca.mcwhite@nist.gov

Jeff Brewer - NIST
jeffrey.brewer@nist.gov

sw.assurance Google Group
sw.assurance@list.nist.gov

Created May 24, 2016, Updated March 28, 2024