More

    Piloting Supply Chain Risk Management Practices for Federal Information Systems

    Piloting Supply Chain Risk Management Practices for Federal Information Systems

    Your supply chain is one of the most critical-and vulnerable-data pipelines for your organization. This policy document is a starting point for a broader initiative to lock down your supply chain to outside and inside threats.

    Supply chain attacks may involve manipulating computing system hardware, software or
    services at any point during the life cycle. Supply chain attacks are typically
    conducted or facilitated by individuals or organizations that have access through
    commercial ties, leading to stolen critical data and technology, corruption of the
    system/infrastructure and/or disabling of mission-critical operations.

    Organizations must assess and manage supply chain risks to ensure mission success.
    The goal of this document is to help manage these supply chain risks by providing
    organizations with a defense-in-breadth toolset of supply chain assurance programmatic
    activities that the organization implements as well as general and technical
    requirements that the organization can place in contractual documents. This document
    represents a component of a broader supply chain risk management strategy that includes
    a variety of policies, standards, regulatory changes and implementation frameworks.

    The attached Zip file includes:

    • Intro Page.doc
    • Cover Sheet and Terms.doc
    • Piloting Supply Chain Risk Management Practices for Federal Information
      Systems.pdf

    Latest Articles