Sorry, you need to enable JavaScript to visit this website.
U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

  1. Home

Cyber Risk Management

Cyber Supply Chain Risk Management involves identifying, assessing, and mitigating the risks associated with the distributed and interconnected nature of ICT/OT product and service supply chains. It covers the entire lifecycle of a system (including design, development, distribution, deployment, acquisition, maintenance, and destruction).

 

 

 

This training has been designed to assist the learner with developing an understanding of cyber supply chain risk management, also known as C-SCRIM, and the role it plays within our society today.

Related Program / Initiative:

Communications Supply Chain Risk Information Partnership (C-SCRIP)
Related Links
Software Bill of Materials (SBOM) Resources Library
Guide to Getting Started with a Cybersecurity Risk Assessment
Barriers to Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses: Identifying Challenges and Opportunities
Quick Start Guide: NIST CSF 2.0 C-SCRM
A Hardware Bill of Materials (HBOM) Framework for Supply Chain Risk Management
NISTIR 8276 Key Practices in Cyber Supply Chain Risk Management: Observations from Industry
NIST 800-161, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations
Securing the Software Supply Chain: Recommended Practices Guide for Customers
Report on Recommended Best Practices to Improve Communications Supply Chain Security
NTIA Releases Minimum Elements for a Software Bill of Materials
Defending Against Software Supply Chain Attacks
Internet of Things (IoT) Acquisition Guidance
NIST Cyber Supply Chain Risk Management Publications
Program/Initiative Status
Active
Return to top