SA-12: Supply Chain Protection

From NIST's SP800-53:

[Withdrawn: Incorporated into SR Family.]

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

SP800-53 Control Mapped to NIST Cyber Security Framework

Generated from NISTs SP800-53/CSF Crosswalk mappings.

Search:

Control ID	Description
ID.SC-2	Suppliers and third party partners of information systems, components, and services are identified, prioritized, and assessed using a cyber supply chain risk assessment process
ID.SC-1	Cyber supply chain risk management processes are identified, established, assessed, managed, and agreed to by organizational stakeholders
ID.SC-4	Suppliers and third-party partners are routinely assessed using audits, test results, or other forms of evaluations to confirm they are meeting their contractual obligations.
PR.IP-2	A System Development Life Cycle to manage systems is implemented
ID.BE-1	The organization’s role in the supply chain is identified and communicated
ID.SC-3	Contracts with suppliers and third-party partners are used to implement appropriate measures designed to meet the objectives of an organization’s cybersecurity program and Cyber Supply Chain Risk Management Plan.

Showing 1 to 6 of 6 entries

Previous
1
Next