Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST Cybersecurity Framework 2.0: Quick-Start Guide for Cybersecurity Supply Chain Risk Management (C-SCRM)

Published

Author(s)

Jon M. Boyens, Rebecca McWhite, Laura Calloway, Nadya Bartol, Karen Scarfone

Abstract

Use the CSF to Improve Your C-SCRM Processes. The CSF can help an organization become a smart acquirer and supplier of technology products and services. This guide focuses on two ways the CSF can help you: 1) Use the CSF's GV.SC Category to establish and operate a C-SCRM capability. 2) Define and communicate supplier requirements using the CSF.
Citation
Special Publication (NIST SP) - 1305
Report Number
1305

Keywords

Cybersecurity supply chain risk management (C-SCRM), NIST Cybersecurity Framework (CSF) 2.0

Citation

Boyens, J. , McWhite, R. , Calloway, L. , Bartol, N. and Scarfone, K. (2024), NIST Cybersecurity Framework 2.0: Quick-Start Guide for Cybersecurity Supply Chain Risk Management (C-SCRM), Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.1305 , https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=958604 (Accessed November 9, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created October 21, 2024