Increasing Visibility and Control of Your ICT Supply Chains

Boyens, Jon; Paulsen, Celia; Feldman, Larry; Witte, Gregory

ITL Bulletin

Increasing Visibility and Control of Your ICT Supply Chains

Documentation Topics

Date Published: June 2015

Author(s)

Jon Boyens (NIST), Celia Paulsen (NIST), Larry Feldman (G2), Gregory Witte (G2)

Abstract

This bulletin summarizes the information presented in NIST Special Publication (SP) 800-161, Supply Chain Management Practices for Federal Information Systems and Organizations, which provides guidance to federal agencies on identifying, assessing and mitigating ICT supply chain risks at all levels of their organizations.

Keywords

acquisition; Information and Communication Technology (ICT); risk management; supply chain assurance; supply chain risk; supply chain risk assessment; Supply Chain Risk Management (SCRM); supply chain security

Control Families

Access Control; Audit and Accountability; Awareness and Training; Assessment, Authorization and Monitoring; Configuration Management; Contingency Planning; Identification and Authentication; Incident Response; Maintenance; Media Protection; Personnel Security; Physical and Environmental Protection; Planning; Program Management; Risk Assessment; System and Communications Protection; System and Information Integrity; System and Services Acquisition

Documentation

Publication:
June 2015 ITL Bulletin

Supplemental Material:
None available

Document History:
06/15/15: ITL Bulletin (Final)

Topics

Security and Privacy
acquisition; cybersecurity supply chain risk management; incident response; maintenance; planning; risk assessment