💼 SR-2 Supply Chain Risk Management Plan (L)(M)(H)
- ID:
/frameworks/fedramp-low-security-controls/sr/02
Description​
a. Develop a plan for managing supply chain risks associated with the research and development, design, manufacturing, acquisition, delivery, integration, operations and maintenance, and disposal of the following systems, system components or system services [Assignment: organization-defined systems, system components, or system services]
b. Review and update the supply chain risk management plan [FedRAMP Assignment: at least annually] or as required, to address threat, organizational or environmental changes; and
c. Protect the supply chain risk management plan from unauthorized disclosure and modification.
Similar​
- Sections
/frameworks/nist-sp-800-53-r5/sr/02/frameworks/fedramp-high-security-controls/sr/02
- Internal
- ID:
dec-c-e25d0f35
- ID:
Similar Sections (Take Policies From)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 FedRAMP High Security Controls → 💼 SR-2 Supply Chain Risk Management Plan (L)(M)(H) | 1 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 SR-2 Supply Chain Risk Management Plan | 1 | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 SR-2(1) Establish SCRM Team (L)(M)(H) | no data |