Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).

View the beta site
NIST logo

Publication Citation: Practices for Managing Supply Chain Risks to Protect Federal Information Systems

NIST Authors in Bold

Author(s): Shirley M. Radack;
Title: Practices for Managing Supply Chain Risks to Protect Federal Information Systems
Published: November 27, 2012
Abstract: This bulletin summarizes the information that is included in NISTIR 7622, Notional Supply Chain Risk Management Practices for Federal Information Systems. This publication provides federal departments and agencies with a notional set of repeatable and commercially reasonable supply chain assurance methods and practices to strategically manage information and communications technology (ICT) supply chain risks over the life cycle of ICT systems, products, and services. The bulletin summarizes NISTIR 7622, and provides information on how ICT supply chain risk management (SCRM) considerations can be integrated into the federal acquisition life cycle. It was written by Jon Boyens and Celia Paulsen of NIST, Rama Moorthy of Hatha Systems, and Nadya Bartol and Stephanie Shankles of Booz Allen and Hamilton. References are provided to NIST publications and other information.
Citation: ITLB -
Pages: 6 pp.
Keywords: computer security, communications technology, cyber security, federal organizations, information security, information technology, supply chain risk management, system development life cycle, system developers, system integrators, suppliers, threats, vulnerabilities
Research Areas: Computer Security, Cybersecurity
PDF version: PDF Document Click here to retrieve PDF version of paper (378KB)