Back

Disseminate and communicate the supply chain risk management procedures to all interested personnel and affected parties.


CONTROL ID
14712
CONTROL TYPE
Communicate
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Include supply chain risk management procedures in the risk management program., CC ID: 13190

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Procedures to facilitate the implementation of the supply chain risk management policy and the associated supply chain risk management controls; (SR-1a.2, FedRAMP Security Controls High Baseline, Version 5)
  • Procedures to facilitate the implementation of the supply chain risk management policy and the associated supply chain risk management controls; (SR-1a.2, FedRAMP Security Controls Low Baseline, Version 5)
  • Procedures to facilitate the implementation of the supply chain risk management policy and the associated supply chain risk management controls; (SR-1a.2, FedRAMP Security Controls Moderate Baseline, Version 5)
  • Procedures to facilitate the implementation of the supply chain risk management policy and the associated supply chain risk management controls; (SR-1a.2, Control Baselines for Information Systems and Organizations, NIST SP 800-53B, High Impact Baseline, October 2020)
  • Procedures to facilitate the implementation of the supply chain risk management policy and the associated supply chain risk management controls; (SR-1a.2, Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Low Impact Baseline, October 2020)
  • Procedures to facilitate the implementation of the supply chain risk management policy and the associated supply chain risk management controls; (SR-1a.2, Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Moderate Impact Baseline, October 2020)
  • Procedures to facilitate the implementation of the supply chain risk management policy and the associated supply chain risk management controls; (SR-1a.2., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Baseline Controls)
  • Procedures to facilitate the implementation of the supply chain risk management policy and the associated supply chain risk management controls; (SR-1a.2, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 1 Controls)
  • Procedures to facilitate the implementation of the supply chain risk management policy and the associated supply chain risk management controls; (SR-1a.2, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 2 Controls)
  • Procedures to facilitate the implementation of the supply chain risk management policy and the associated supply chain risk management controls; (SR-1a.2, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 3 Controls)
  • Procedures to facilitate the implementation of the supply chain risk management policy and the associated supply chain risk management controls; (SR-1a.2, Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • Procedures to facilitate the implementation of the supply chain risk management policy and the associated supply chain risk management controls; (SR-1a.2, Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)