• Joshua Duvall

NIST Seeks Pre-Draft Comments on Supply Chain Risk Management Special Publication 800-161r1

On February 4, 2020, the National Institute of Standards and Technology ("NIST") issued a pre-draft call for comments to Special Publication 800-161r1, Supply Chain Risk Management Practices for Federal Information Systems and Organizations.

Since its publication in 2015, there have been many changes in the laws, regulations, tools, and technologies related to supply chain risk management.  To that end, in consistent with past updates, NIST:

  • seeks the input of SP 800-161 stakeholders to ensure Revision 1 will continue to deliver a single set of cyber supply chain risk management practices to help federal departments and agencies manage the risks associated with the acquisition and use of IT/OT products and services in a way that is functional and usable.

According to the release, NIST seeks input on the following:

  • Additions, changes, or removals of ICT SCRM guidance, tiers, controls or control enhancements along with a rationale for the addition, change or removal of the ICT SCRM guidance, tiers, controls or enhancements.

Comments are due by February 28, 2020 via email to scrm-nist@nist.gov.

PRE-DRAFT Call for Comments: Supply Chain Risk Management Practices for Federal Information Systems and Organizations

. . .

#cyberjudicata #cyber

Recent Posts

See All

President Signs New Space Policy Directive

On September 4, 2020, President Trump signed Space Policy Directive-5 (SPD-5), which establishes a set of cybersecurity principles designed to protect the nation's valuable "space systems" from a host


Trusted Relationship.

Trusted Resource.

Washington, DC


© 2020 Matross Edwards LLC. All rights reserved. Attorney Advertising.

  • LinkedIn
  • Twitter
  • Podcast
  • gcj_box
  • cj_box
Matross Edwards - Logo.png