Operationalizing Vendor Supply Chain Risk Management Template for Small and Medium-Sized Businesses and Excel

Revision Date

Developed by the ICT Supply Chain Risk Management Task Force, this resource gears the applicability of the enterprise Vendor Template to be used specifically by SMBs. The product provides guidance on applying industry standards and best practices for reporting and vetting processes when purchasing ICT hardware, software, and services. Additionally, download the spreadsheet version of this SMB Vendor SCRM Template, which is as an alternate tool to utilize this product, intended to allow options to accommodate yes, no, or partial responses to each of the questions.

Note: This spreadsheet (excel file) was produced by the ICT SCRM Task Force as a tool to assist SMBs in using the Vendor SCRM Template to assess their risk posture. This spreadsheet is a voluntary tool. CISA is not collecting any information. Users must download the spreadsheet to complete the fields.

We welcome your feedback! Please share your thoughts about this product through this voluntary, anonymous Product Feedback Survey