Secure Controls Framework
Download The SCF
SCRM/C-SCRM

How does NIST CSF address Supply Chain Risk Management?

Direct Answer

NIST CSF 2.0 elevated Supply Chain Risk Management by including C-SCRM in the Govern (GV) function as a core subcategory, and supply chain risk assessment in the Identify (ID) function. CSF 2.0 reflects the increased focus on supply chain threats compared to earlier versions, with supply chain considerations integrated across multiple functions.

Keep Exploring

Relevant Resources

References

Authoritative Sources