SAMMY UI is optimized for resolutions with a width 1024px and higher.
NIST CSF 2.0
Browse NIST CSF 2.0
GV.SC-01: Supply Chain Risk Management Program
GV.SC-02: Third Party Roles and Responsibilities
GV.SC-03: Supply Chain Risk Management Integration
GV.SC-04: Supplier Identification and Prioritization
GV.SC-05: Supplier Cybersecurity Risk Requirements
GV.SC-06: Third Party Due Diligence
GV.SC-07: Third Party Risk Assessment
GV.SC-08: Third Party Incident Management Integration
GV.SC-09: Supply Chain Security Practice Integration
GV.SC-10: Post-Agreement Activities Planning
Post-Agreement Activities Planning
GV.SC-10: Cybersecurity supply chain risk management plans include provisions for activities that occur after the conclusion of a partnership or service agreement
  • Ex1:  Establish processes for terminating critical relationships under both normal and adverse circumstances
  • Ex2:  Define and implement plans for component end-of-life maintenance support and obsolescence
  • Ex3:  Verify that supplier access to organization resources is deactivated promptly when it is no longer needed
  • Ex4:  Verify that assets containing the organization’s data are returned or properly disposed of in a timely, controlled, and safe manner
  • Ex5:  Develop and execute a plan for terminating or transitioning supplier relationships that takes supply chain security risk and resiliency into account
  • Ex6:  Mitigate risks to data and systems created by supplier termination
  • Ex7:  Manage data leakage risks associated with supplier termination
Description

Cybersecurity supply chain risk management plans include provisions for activities that occur after the conclusion of a partnership or service agreement