Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 1305 (Initial Public Draft)

NIST Cybersecurity Framework 2.0: Quick-Start Guide for Cybersecurity Supply Chain Risk Management (C-SCRM)

Date Published: February 26, 2024
Comments Due: May 3, 2024 (public comment period is CLOSED)
Email Questions to:


National Institute of Standards and Technology


Quick-start guides are supplemental resources for the NIST Cybersecurity Framework (CSF) 2.0. See more information on CSF 2.0 quick-start guides

NIST seeks comments on this initial public draft by May 3, 2024. Submit comments to



NIST Cybersecurity Framework (CSF) 2.0; C-SCRM; cybersecurity supply chain risk management
Control Families

None selected


Download URL

Supplemental Material:
More CSF 2.0 Quick-Start Guides

Document History:
02/26/24: SP 1305 (Draft)


Security and Privacy

cybersecurity supply chain risk management


cybersecurity framework

Activities and Products

quick start guides