Services and tools that help establish an organization's priorities, constraints, risk tolerances and assumptions, and support risk decisions associated with managing supply chain risk. Select the services and agency provider logos below to contact service providers directly and learn more about how to obtain these services.
Supply Chain Risk Assessments 
DOJ performs research and analysis of hardware and software acquisitions to identify supply chain risks, including vendor insolvency and litigation, cyber terrorism, malware, data theft, and Advanced Persistent Threat (APT) risks. When DOJ’s point-in-time assessment is completed, a summary risk assessment report is provided, including recommendations for risk mitigations.
Supply Chain Risk Management (SCRM) Program Management and Advisory Support
DOJ provides agencies with program management and advisory support in Supply Chain Risk Management. DOJ helps agencies develop a SCRM methodology, including Standard Operating Procedures (SOPs), for completing risk assessments and maintenance of program documentation based on regulatory / policy analysis and threat intelligence.
Supply Chain Threat Intelligence
DOJ monitors and analyzes classified and open source threat intelligence to maintain situational awareness and ensure that emerging threats are properly identified and assessed.