A systematic process for managing exposure to cybersecurity risks throughout the supply chain and developing appropriate response strategies, policies, processes, and procedures.
Sources:
NIST SP 800-161r1
under Cybersecurity Supply Chain Risk Management