Skip to content

Latest commit

 

History

History
5 lines (5 loc) · 903 Bytes

ir-6-3.md

File metadata and controls

5 lines (5 loc) · 903 Bytes

NIST 800-53v5 - IR-6.3 - Supply Chain Coordination

Guidance

Organizations involved in supply chain activities include product developers, system integrators, manufacturers, packagers, assemblers, distributors, vendors, and resellers. Entities that provide supply chain governance include the Federal Acquisition Security Council (FASC). Supply chain incidents include compromises or breaches that involve information technology products, system components, development processes or personnel, distribution processes, or warehousing facilities. Organizations determine the appropriate information to share and consider the value gained from informing external organizations about supply chain incidents, including the ability to improve processes or to identify the root cause of an incident.

Mapped SCF controls