• Joshua Duvall

NIST Seeks Pre-Draft Comments on Supply Chain Risk Management Special Publication 800-161r1

On February 4, 2020, the National Institute of Standards and Technology ("NIST") issued a pre-draft call for comments to Special Publication 800-161r1, Supply Chain Risk Management Practices for Federal Information Systems and Organizations.

Since its publication in 2015, there have been many changes in the laws, regulations, tools, and technologies related to supply chain risk management.  To that end, in consistent with past updates, NIST:

  • seeks the input of SP 800-161 stakeholders to ensure Revision 1 will continue to deliver a single set of cyber supply chain risk management practices to help federal departments and agencies manage the risks associated with the acquisition and use of IT/OT products and services in a way that is functional and usable.

According to the release, NIST seeks input on the following:

  • Additions, changes, or removals of ICT SCRM guidance, tiers, controls or control enhancements along with a rationale for the addition, change or removal of the ICT SCRM guidance, tiers, controls or enhancements.

Comments are due by February 28, 2020 via email to scrm-nist@nist.gov.

PRE-DRAFT Call for Comments: Supply Chain Risk Management Practices for Federal Information Systems and Organizations

. . .

#cyberjudicata #cyber

Recent Posts

See All

DoD Issues Proposed Rule on Enhanced Debriefings

Today, the Department of Defense ("DoD") published its long-awaited proposed rule on enhanced postaward debriefings as provided under Section 818 of the National Defense Authorization Act for Fiscal Y

SBA Extends HUBZone Map Freeze Through June 2023

Today, the U.S. Small Business Administration ("SBA") published a direct final rule to extend the Historically Underutilized Business Zone ("HUBZone") program map freeze until June 30, 2023. SBA's pr