Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity Supply Chain Risk Management C-SCRM

Publications

The following NIST-authored publications are directly related to this project.

Series & Number Title Status Released
SP 800-161 Rev. 1 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations Final 11/01/2024
SP 1326 NIST Cybersecurity Supply Chain Risk Management: Due Diligence Assessment Quick-Start Guide Draft 10/30/2024
SP 1305 NIST Cybersecurity Framework 2.0: Quick-Start Guide for Cybersecurity Supply Chain Risk Management (C-SCRM) Final 10/21/2024
Other Software Security in Supply Chains Final 05/05/2022
SP 800-161 Rev. 1 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations Withdrawn 05/05/2022
IR 8276 Key Practices in Cyber Supply Chain Risk Management: Observations from Industry Final 02/11/2021
IR 8272 Impact Analysis Tool for Interdependent Cyber Supply Chain Risks Withdrawn 08/25/2020
IR 8179 Criticality Analysis Process Model: Prioritizing Systems and Components Final 04/09/2018
ITL Bulletin Increasing Visibility and Control of Your ICT Supply Chains Final 06/15/2015
Other Final Report: Leveraging the Cyber Risk Portal as A Teaching & Education Tool Final 06/10/2015
IR 8041 Proceedings of the Cybersecurity for Direct Digital Manufacturing (DDM) Symposium Final 04/10/2015
SP 800-161 Supply Chain Risk Management Practices for Federal Information Systems and Organizations Withdrawn 04/08/2015
Other Summary of the Workshop on Information and Communication Technologies Supply Chain Risk Management, National Institute of Standards and Technology, October 15-16, 2012 Final 07/10/2013
Other Proof of Concept for an ICT SCRM Enterprise Assessment Package Final 12/01/2012
ITL Bulletin Practices for Managing Supply Chain Risks to Protect Federal Information Systems Final 11/27/2012
IR 7622 Notional Supply Chain Risk Management Practices for Federal Information Systems Final 10/16/2012
Other The ICT SCRM Community Framework Development Project: Final Report Final 12/01/2011
Other Assessing SCRM Capabilities and Perspectives of the IT Vendor Community: Toward a Cyber-Supply Chain Code of Practice Final 04/01/2011
Created May 24, 2016, Updated November 26, 2024