Sorry, you need to enable JavaScript to visit this website.
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.

Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.

The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

  1. Home

Cyber Risk Management

Cyber Supply Chain Risk Management involves identifying, assessing, and mitigating the risks associated with the distributed and interconnected nature of ICT/OT product and service supply chains. It covers the entire lifecycle of a system (including design, development, distribution, deployment, acquisition, maintenance, and destruction).

 

 

 

This training has been designed to assist the learner with developing an understanding of cyber supply chain risk management, also known as C-SCRIM, and the role it plays within our society today.

Related Program / Initiative:

Communications Supply Chain Risk Information Partnership (C-SCRIP)
Related Links
Software Bill of Materials (SBOM) Resources Library
Guide to Getting Started with a Cybersecurity Risk Assessment
Barriers to Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses: Identifying Challenges and Opportunities
Quick Start Guide: NIST CSF 2.0 C-SCRM
A Hardware Bill of Materials (HBOM) Framework for Supply Chain Risk Management
NISTIR 8276 Key Practices in Cyber Supply Chain Risk Management: Observations from Industry
NIST 800-161, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations
Securing the Software Supply Chain: Recommended Practices Guide for Customers
Report on Recommended Best Practices to Improve Communications Supply Chain Security
NTIA Releases Minimum Elements for a Software Bill of Materials
Defending Against Software Supply Chain Attacks
Internet of Things (IoT) Acquisition Guidance
NIST Cyber Supply Chain Risk Management Publications
Program/Initiative Status
Active
Return to top