Supply Chain Risk Management (SCRM)
Overview
In the modern threat landscape, your security is only as strong as your weakest vendor. Supply Chain Risk Management (SCRM) is now a critical component of the RMF lifecycle, emphasizing that cyber risks often enter organizations through third-party hardware, software, and services.
This course provides a strategic and practical understanding of how to protect the DoD and Federal Supply Chain. We move beyond basic concepts to discuss the implementation of the new SR (Supply Chain Risk Management) family of controls introduced in NIST SP 800-53 Revision 5.
Course Prerequisite
A foundational understanding of the Risk Management Framework (RMF) is required. Familiarity with NIST SP 800-53 controls is highly recommended.
Course Agenda
Foundations of C-SCRM
- Understanding SCRM Concepts
- The Cybersecurity Aspect of Supply Chains
- Core Principles of the SCRM Framework
- Identifying Potential Risks & Threats
Implementation & Compliance
- Protecting the DoD Supply Chain
- NIST Security Controls for SCRM (Rev 5)
- Mitigation Strategies & Best Practices
- Class Activity: SCRM Concepts Quiz
Who Should Attend?
This course is designed for professionals responsible for acquisition, procurement, and security authorization within the federal ecosystem.
- DoD Service Members & Civil Personnel: Overseeing acquisition programs.
- Contractors & Vendors: Who must demonstrate supply chain integrity to the government.
- ISSOs & Security Engineers: Implementing the new NIST Rev 5 SR controls.
Delivery Methods
Online Personal Classroom
Offered on a regular basis as an online, instructor-led class.
Private Groups
Available as a "Friday supplemental class" for organizations wishing to add C-SCRM to their RMF training.
Flexible Scheduling
Scheduled regularly online.
Secure your supply chain.