CISA’S ICT Supply Chain Risk Management Task Force to Develop Attestation Frameworks
The Cybersecurity and Infrastructure Security Agency’s (CISA) Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force approved the creation of a new working group to develop attestation frameworks around various aspects of supply chain risk management best practices.
The goal of the framework is to help organizations address a number of key focus areas, including supplier risk, product lifecycle management, business process controls, physical security, data security and product cybersecurity.