πΌ SR-2 Supply Chain Risk Management Plan (L)(M)(H)
- Contextual name: πΌ SR-2 Supply Chain Risk Management Plan (L)(M)(H)
- ID:
/frameworks/fedramp-high-security-controls/sr/02 - Located in: πΌ Supply Chain Risk Management
Descriptionβ
a. Develop a plan for managing supply chain risks associated with the research and development, design, manufacturing, acquisition, delivery, integration, operations and maintenance, and disposal of the following systems, system components or system services [Assignment: organization-defined systems, system components, or system services]
b. Review and update the supply chain risk management plan [FedRAMP Assignment: at least annually] or as required, to address threat, organizational or environmental changes; and
c. Protect the supply chain risk management plan from unauthorized disclosure and modification.
Similarβ
- Sections
/frameworks/nist-sp-800-53-r5/sr/02
- Internal
- ID:
dec-c-e25d0f35
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST SP 800-53 Revision 5 β πΌ SR-2 Supply Chain Risk Management Plan | 1 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP Low Security Controls β πΌ SR-2 Supply Chain Risk Management Plan (L)(M)(H) | 1 | |||
| πΌ FedRAMP Moderate Security Controls β πΌ SR-2 Supply Chain Risk Management Plan (L)(M)(H) | 1 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ SR-2(1) Establish SCRM Team (L)(M)(H) |