Supply chain risk management (SCRM) is the process of identifying, assessing, and mitigating the risks associated with the global and distributed nature of ICT product and service supply chains. Many of the manufacturing inputs for these ICT products and services originate from a variety of sources throughout the world. (See figure 1.). The Roadmap identified Cyber Supply Chain Risk Management (Cyber SCRM) as an area for future focus. Since the release of the Framework and in support of the companion Roadmap, NIST has researched industry best practices in cyber supply chain risk management through engagement with industry leaders.
For charter arrangements, please contact the Charter Coordinator at 803-635-9893 or charters@scrm.org or write: Attn: Charter Coordinator, The South Carolina. Supply chain risk management (SCRM) is 'the implementation of strategies to manage both everyday and exceptional risks along the supply chain based on continuous risk assessment with the objective of reducing vulnerability and ensuring continuity'.
Job Aids
- Supply Chain Resilience Month Poster 8.5 x 11 / 17 x 22
- Deliver Uncompromised Campaign Poster 8.5 x 11 / 17 x 22
eLearning Courses
Scdmv
- DOD Supply Chain FundamentalsDAU-CLL037.16
- Contracting for the Rest of UsDAU-CLC011.16
- Life Cycle Logistics for the Rest of UsDAU-CLL004.16
Webinars
Supply Chain Risk Management Policy
Security Training Videos
Threat Awareness
- Computer Security Resource Center NIST
- NCSC Supply Chain Threats
- Software and Supply Chain Assurance DHS US CERT Website
Best Practices
Scrmc Employee Login
- Defense Acquisition Portal SCRM Blog
- Computer Security Resource Center NIST
- The U.S. Resilience Project
Scrm Policy
Toolkit feedback/suggestions? Email dcsa.cdsetraining@mail.mil.