NIST CSF 2.0 elevated Supply Chain Risk Management by including C-SCRM in the Govern (GV) function as a core subcategory, and supply chain risk assessment in the Identify (ID) function. CSF 2.0 reflects the increased focus on supply chain threats compared to earlier versions, with supply chain considerations integrated across multiple functions.
Keep Exploring