CMMC Practices
Reference: CMMC 2.11
Family: RA
Level Introduced: 3
Title: Supply Chain Risk Plan
Practice:
Develop a plan for managing supply chain risks associated with organizational systems and system components; update the plan at least annually, and upon receipt of relevant cyber threat information, or in response to a relevant cyber incident.
NIST 800-172 Requirements (1)
This is for registered users only. Please sign up for a free account, or Login, to see complete cross references to other standards and frameworks.
Source: CMMC v2.0