Supply Chain Council of European Union | Scceu.org
News

NIST to Update Supply Chain Risk Guidance – MeriTalk

The National Institute of Standards and Technology (NIST) is seeking input from stakeholders on an update to NIST Special Publication (SP) 800-161: Supply Chain Risk Management Practices for Federal Information Systems and Organizations.

SP 800-161, first published in 2015, was established to provide guidance to Federal agencies on mitigating information and communications (ICT) supply chain risks.

In a pre-draft call for comments, however, NIST says that “many things have changed in the laws, regulations, tools, technologies, and best practices encompassing the [ICT] supply chain risk management ecosystem.”

Transforming workflows enables a service-focused government. Learn More

The updated version of SP 800-161 will include:

  • Lessons learned since the original SP was implemented;
  • Updates to select NIST guidance such as NIST SP 800-37 Rev. 2, Draft NIST SP 800-53 Rev. 5, and Cybersecurity Framework v1.1; and
  • “Priorities of the Administration.”

“NIST seeks the input of SP 800-161 stakeholders to ensure Revision 1 will continue to deliver a single set of cyber supply chain risk management practices to help Federal departments and agencies manage the risks associated with the acquisition and use of IT/operational technology products and services in a way that is functional and usable,” the pre-draft said.

Comment submissions on the update are due no later than Feb 28.

Related posts

‘Normalise supply chain soon to avoid running out of stock’

scceu

Iowa entrepreneur wants to make fashion supply chain sustainable

scceu

MHI Vestas bolsters Taiwan supply chain ties – reNews

scceu