The ICT Supply Chain Risk Management (SCRM) Task Force Small and Medium-sized Businesses (SMB) Working Group (WG) was created with the purpose of tailoring Task Force products to make them more applicable to SMBs which may find it difficult to institutionalize federal supply chain guidance due to limited finances, resources, and employees.
This guide, Operationalizing the Vendor SCRM Template for SMBs, focuses on making the enterprise Vendor SCRM Template, released earlier this year, more accessible and usable for SMBs. In the SMB-version, the WG assessed ICT supply chain risk posture from the perspective of the acquirer, integrator, and supplier to provide a set of questions regarding an SMB’s implementation and application of industry standards and best practices that can help guide supply chain risk planning.
Additionally, download the spreadsheet version as an alternate tool to utilize this product, intended to allow options to accommodate yes, no, or partial responses to each of the questions.
Note: This spreadsheet (excel file) was produced by the ICT SCRM Task Force as a tool to assist SMBs in using the Vendor SCRM Template to assess their risk posture. This spreadsheet is a voluntary tool. CISA is not collecting any information. Users must download the spreadsheet to complete the fields.
Return to ICT SCRM Task Force.