This is a potential security issue, you are being redirected to https://csrc.nist.gov
Special Publications (SPs)
Security & Privacy
Laws & Regulations
Activities & Products
Computer Security Division
Applied Cybersecurity Division
Date Published: April 2011
University of Maryland, Robert H. Smith School of Business
NIST’s Information Technology Lab awarded the Supply Chain Management Center of the Robert H. Smith School of Business at the University of Maryland in College Park a grant in support of the development of cyber supply chain best practice guidelines by NIST. In October, 2010, the Supply Chain Management Center began work on a project to develop, validate, and pilot test a research tool to assess the cyber-supply chain capabilities of the IT vendor community.
This grant was aimed at addressing the fact that, at present, no readily identifiable assessment tool for industry exists that, if used extensively, could form the basis for a body of cyber-supply chain knowledge. Such a body of knowledge should contain data about current/planned corporate risk governance mechanisms, risk management audit/compliance activities, and benchmark practices against which to audit the capability and maturity of an organization.
This lack of a data-driven body of knowledge has been a major deficiency in the emerging discipline of Cyber-Supply Chain Risk Management (SCRM) and has constrained sound decision-making across government and the private sector. It was hoped that data gathered from this project could contribute to the formulation of a strawman SCRM Code of Practice that could advance the discipline and serve as a basis for ongoing dialogue between the public and private sectors.
Security and Privacycyber supply chain risk management; risk management
Laws and RegulationsComprehensive National Cybersecurity Initiative