Supply Chain Risk Management
The U.S. government is moving to address risks to the supply chain.
The National Counter Intelligence and Security Center has released a guide outlining steps that the government is taking to reducing threats to key U.S. supply chains. These actions include:
Enhancing capabilities to detect and respond to supply chain threats.
Advancing supply chain integrity and security across the federal government.
Expanding outreach on supply chain threats, risk management, and best practices.
These actions will impact the private sector, as well. The document outlines the federal government's plan to secure themselves from risks associated by third parties. The plan is to:
Conduct Due Diligence.
Assess first-tier suppliers regularly to increase visibility into third-party suppliers and service providers. Leverage this data to properly vet vendors who are providing key components to critical systems and networks.
Incorporate SCRM Requirements into Contracts.
Use SCRM-related security requirements as a primary metric – just like cost, schedule, and performance - for measuring a suppliers’ compliance with the contract. These security requirements include personnel security and system and services acquisition, and are fully described in NIST SP 800-161.
Monitor suppliers’ compliance to SCRM-related security requirements throughout the supply chain lifecycle, even when terminating supplier relationships.
Tuearis stands ready to help your organization be secure from outside threats as well as maintain security compliance requirements so that you can focus on providing key services to your clients. Don't lose sleep over new compliance requirements. Let Tuearis help you REST SECURED.
Read the document in its entirety here.