Embedding Sound Risk Management Practices into an Organization
Core principles for risk management adoption within an organization.
According to the National Institute of Standards and Technology (NIST), most attacks on supply chain software, hardware and services are initiated or directed by people or organizations that have access through commercial ties. These attacks result in damage to mission-critical operations, theft of data and technology, and corrupted systems and infrastructure.
NIST created the document "Piloting Supply Chain Risk Management Practices for Federal Information Systems" to help organizations assess and manage risks to the supply chain. It includes policies, regulatory changes, standards and implementation frameworks to assist in the creation of a risk management strategy.
Use these NIST tools to build safeguards into contractual documents and protect your supply chain throughout the life cycle.