03.17 Supply Chain Risk Management (SR)

Home ‣System Security Plan R3 (SSP) ‣03 Control Families (CF) ‣03.17 Supply Chain Risk Management (SR)

Introduction

NIST 800-171 Revision 3's "Supply Chain Risk Management" family emphasizes the importance of managing risks associated with external providers. It requires organizations to implement a plan for managing supply chain risks, including acquisition strategies and tools to identify and mitigate potential threats. Additionally, it mandates the establishment of controls and processes to address vulnerabilities and deficiencies within the supply chain.

Comment By wno***@q4q.com

Sunday 16th of February 2025

Phase 1 - A suggested method would be to include in your policy, a statement that specifically addresses supply chain risk management, in line with NIST 800-171 Revision 3. This section should detail our plan for identifying, assessing, and mitigating supply chain risks. We need to outline our acquisition strategies, including how we vet and select vendors, and what tools we'll use to monitor for potential threats and vulnerabilities. Crucially, this policy section must also document the specific controls and processes we'll implement to address any identified supply chain weaknesses, ensuring we're proactively managing risks from our external providers.

Allow Members to Add Personal Content (disabled)

What is XNETD?

XNETD is a developer of tools that assist in maintaining your network infrastructure. Every network to function properly it needs the right tools — we develop those tools.

Developer:

William Noble

Phone:

814-580-8767

Email:

wnoble2005@gmail.com

Address:

6766 Old Ridge Rd, Fairview, PA 16415

About Me:

whoiswilliamnoble.com

03.17 Supply Chain Risk Management...

03.17.01 Supply Chain Risk Management Plan

03.17.02 Acquisition Strategies, Tools, and Methods

03.17.03 Supply Chain Requirements and Processes

Introduction

Introduction

Modal Title

Login Modal