Security and Privacy Controls for Information Systems and Organizations
SUPPLY CHAIN RISK MANAGEMENT
The SUPPLY CHAIN RISK MANAGEMENT Playbook addresses the following areas:
- Policy and Procedures
- Supply Chain Risk Management Plan
- Supply Chain Controls and Processes
- Provenance
- Acquisition Strategies, Tools, and Methods
- Supplier Assessments and Reviews
- Supply Chain Operations Security
- Notification Agreements
- Tamper Resistance and Detection
- Inspection of Systems or Components
- Component Authenticity
- Component Disposal
The SUPPLY CHAIN RISK MANAGEMENT Playbook is included in the Security and Privacy Controls for Information Systems and Organizations (NIST 80-53) Library which has been developed by the U.S. Department of Commerce's National Institute of Standards and Technology (NIST). It establishes controls for systems and organizations. The controls can be implemented within any organization or system that processes, stores, or transmits information.