NIST SP 800-161 (Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations) provides guidance for managing cybersecurity risks throughout the supply chain. Revised in 2022 (Revision 1), it covers C-SCRM program establishment, supplier risk assessments, supplier security requirements, software Supply Chain Risk Management, and integration with enterprise risk management.
Keep Exploring