PUBLICATION

Mitigating ICT Supply Chain Risks with Qualified Bidder and Manufacturer Lists

Revision Date

April 12, 2021

Related topics:

Critical Infrastructure Security and Resilience, Risk Management, Information and Communications Technology Supply Chain Security

Developed by the ICT Supply Chain Risk Management Task Force, this report provides organizations a list of criteria and factors that can be used to inform an organization's decision to build or rely on a qualified list for the acquisition of information and communications technology (ICT) products and services.

The Task Force analyzed five case studies that led to the development of an overarching set of common ICT SCRM evaluation criteria control categories to be considered when building a qualified list program that, in whole or in part, seeks to manage supply chain risks.

We welcome your feedback! Please share your thoughts about this product through this voluntary, anonymous Product Feedback Survey.

Mitigating ICT Supply Chain Risks with Qualified Bidder and Manufacturer Lists

Resource Materials

Tags

Cybersecurity Advisory Committee (CSAC) Reports and Recommendations

Cybersecurity Advisory Committee (CSAC) Subcommittee Fact Sheet

Secure by Design Alert: Eliminating Directory Traversal Vulnerabilities in Software

Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity

Mitigating ICT Supply Chain Risks with Qualified Bidder and Manufacturer Lists

Resource Materials

Tags

Related Resources

Cybersecurity Advisory Committee (CSAC) Reports and Recommendations

Cybersecurity Advisory Committee (CSAC) Subcommittee Fact Sheet

Secure by Design Alert: Eliminating Directory Traversal Vulnerabilities in Software

Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity