NRMC Resources


This page provides National Risk Management Center (NRMC) outreach materials, information, and guides. Download and share these NRMC resources to enhance critical infrastructure security and resilience.

New Resources

  • CISA Insights: Risk Considerations for Managed Service Provider Customers: This resource provides a framework that government and private sector organizations (to include small and medium-sized businesses) outsourcing some level of IT support to MSPs can use to better mitigate against third-party risk.

  • We’re excited to share two videos showcasing CISA's Resilience Series graphic novels: the Real Fake trailer and the Bug Bytes trailer. Inspired by real events, Real Fake and Bug Bytes demonstrate the dangers and risks associated with mis-, dis-, and malinformation, and how threat actors capitalize on political and social issues to spread inaccurate information to targeted audiences to steer their opinion. 

  • Sign Up for a .gov Domain: Information for Election Officials: This fact sheet explains the importance for election officials to sign up for a .gov domain. Election officials continue to combat false and misleading election information, making it increasingly difficult to identify trusted sources of information. As the Agency that oversees the .gov top-level domain, CISA provides .gov domains for election offices to help the public quickly identify accurate election information.

  • CISA Insights: Chain of Custody and Critical Infrastructure Systems. This CISA Insights provides critical infrastructure owners/operators an overview of what chain of custody is, highlights the potential impacts and risks resulting from a broken chain of custody, and offers an initial framework for securing chain of custody for their physical and digital assets.

  • Threat Scenarios Report (Version 3): Developed by the ICT Supply Chain Risk Management (SCRM) Task Force, this report provides a practical, example-based guidance on supplier SCRM threat analysis and evaluation that can be applied by procurement or source selection officials. The latest version adds the assessment of products and services to include scenario-specific impacts and mitigating controls to the supplier threat scenarios.

Fact Sheets and CISA Insights

Infographics and Graphic Novels

Papers, Reports, and Toolkits

ICT Supply Chain Risk Management (SCRM) Task Force Products

Election Security Resources

These voluntary resources were developed by the Election Infrastructure Subsector’s Government Coordinating Council (GCC) and Sector Coordinating Council (SCC) to assist election officials and voters prepare for impacts to possible COVID-19 related impacts to upcoming elections. 

COVID-19 & Election Security

In-Person Voting Materials

#Protect2020 Resources

Policy Documents | Guidance

Was this webpage helpful?  Yes  |  Somewhat  |  No