Skip to main content

πŸ’Ό RA-3(1) Supply Chain Risk Assessment (L)(M)(H)

  • Contextual name: πŸ’Ό RA-3(1) Supply Chain Risk Assessment (L)(M)(H)
  • ID: /frameworks/fedramp-high-security-controls/ra/03/01
  • Located in: πŸ’Ό RA-3 Risk Assessment (L)(M)(H)

Description​

(a) Assess supply chain risks associated with [Assignment: organization-defined systems, system components, and system services]; and

(b) Update the supply chain risk assessment [Assignment: organization-defined frequency], when there are significant changes to the relevant supply chain, or when changes to the system, environments of operation, or other conditions may necessitate a change in supply chain.

Similar​

  • Sections
    • /frameworks/nist-sp-800-53-r5/ra/03/01
  • Internal
    • ID: dec-c-9a376efb

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό RA-3(1) Risk Assessment _ Supply Chain Risk Assessment

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό FedRAMP Low Security Controls β†’ πŸ’Ό RA-3(1) Supply Chain Risk Assessment (L)(M)(H)
πŸ’Ό FedRAMP Moderate Security Controls β†’ πŸ’Ό RA-3(1) Supply Chain Risk Assessment (L)(M)(H)

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags