SAMMY UI is optimized for resolutions with a width 1024px and higher.
NIST CSF 2.0
Browse NIST CSF 2.0
GV.SC-01: Supply Chain Risk Management Program
GV.SC-02: Third Party Roles and Responsibilities
GV.SC-03: Supply Chain Risk Management Integration
GV.SC-04: Supplier Identification and Prioritization
GV.SC-05: Supplier Cybersecurity Risk Requirements
GV.SC-06: Third Party Due Diligence
GV.SC-07: Third Party Risk Assessment
GV.SC-08: Third Party Incident Management Integration
GV.SC-09: Supply Chain Security Practice Integration
GV.SC-10: Post-Agreement Activities Planning
Supply Chain Risk Management Integration
GV.SC-03: Cybersecurity supply chain risk management is integrated into cybersecurity and enterprise risk management, risk assessment, and improvement processes
  • Ex1:  Identify areas of alignment and overlap with cybersecurity and enterprise risk management
  • Ex2:  Establish integrated control sets for cybersecurity risk management and cybersecurity supply chain risk management
  • Ex3:  Integrate cybersecurity supply chain risk management into improvement processes
  • Ex4:  Escalate material cybersecurity risks in supply chains to senior management, and address them at the enterprise risk management level
Description

Cybersecurity supply chain risk management is integrated into cybersecurity and enterprise risk management, risk assessment, and improvement processes