14 DAY TRIAL // The United States National Institute of Standards and Technology has published a draft of the Supply Chain Risk Management Practices for Federal Information Systems and Organizations (NIST Special Publication 800-161).
The paper aims at providing federal departments and agencies with guidance on how to identify, assess and mitigate information and communications technology supply chain risks.
“NIST SP 800-161 integrates ICT supply chain risk management (SCRM) into federal agency enterprise risk management activities by applying a multi-tiered SCRM-specific approach, including supply chain risk assessments and supply chain risk mitigation activities and guidance,” the document reads.
Comments on the draft can be submitted to [email protected] with "Comments NIST SP 800-161" in the subject line by October 15, 2013.
The complete 278-page document is available on NIST’s website, here.