{"id":1910,"date":"2024-08-27T16:44:26","date_gmt":"2024-08-27T16:44:26","guid":{"rendered":"https:\/\/www.tarleton.edu\/security-controls-catalog\/?page_id=1910"},"modified":"2024-09-04T18:04:07","modified_gmt":"2024-09-04T18:04:07","slug":"sr-2-supply-chain-risk-management-plan","status":"publish","type":"page","link":"https:\/\/www.tarleton.edu\/security-controls-catalog\/supply-chain-risk-management-sr\/sr-2-supply-chain-risk-management-plan\/","title":{"rendered":"SR-2: Supply Chain Risk Management Plan"},"content":{"rendered":"\n<h1 class=\"wp-block-heading has-large-font-size\">SR-2: Supply Chain Risk Management Plan<\/h1>\n\n\n\n<div style=\"height:20px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>NIST Baseline: <\/strong>Low&nbsp;<\/h2>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>DIR Required By:<\/strong> &nbsp;07\/20\/2023&nbsp;<\/h2>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-size:16px\"><strong>Review Date: \u00a0<\/strong>08\/22\/2024\u00a0<\/h2>\n\n\n\n<ul class=\"wp-block-list its-nested-list\">\n<li>It is the responsibility of the Tarleton State University (Tarleton) Chief Information Security Officer (CISO) to:&nbsp;\n<ul class=\"wp-block-list\">\n<li>Develop a plan for managing supply chain risks associated with the research and development, design, manufacturing, acquisition, delivery, integration, operations, and disposal of university systems, system components or system services;&nbsp;<\/li>\n\n\n\n<li>Implement the supply chain risk management plan consistently across the university;&nbsp;<\/li>\n\n\n\n<li>Review and update the supply chain risk management annually to address threat, organizational or environmental changes; and&nbsp;<\/li>\n\n\n\n<li>Protect the supply chain risk management plan from unauthorized disclosure and modification.&nbsp;<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator alignfull has-text-color has-tarleton-purple-color has-alpha-channel-opacity has-tarleton-purple-background-color has-background is-style-wide\"\/>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><strong>References\/Additional Resources<\/strong><\/h3>\n\n\n\n<p><a href=\"https:\/\/www.congress.gov\/bill\/115th-congress\/senate-bill\/3085\" target=\"_blank\" rel=\"noreferrer noopener\">FASC18<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/www.ecfr.gov\/current\/title-41\/subtitle-D\/chapter-201\" target=\"_blank\" rel=\"noreferrer noopener\">41 CFR 201<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/www.federalregister.gov\/documents\/2019\/05\/17\/2019-10538\/securing-the-information-and-communications-technology-and-services-supply-chain\" target=\"_blank\" rel=\"noreferrer noopener\">EO 13873<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/csrc.nist.gov\/Presentations\/2017\/Committee-on-National-Security-Systems-(CNSS)-Dire\" target=\"_blank\" rel=\"noreferrer noopener\">CNSSD 505<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/csrc.nist.gov\/pubs\/sp\/800\/30\/r1\/final\" target=\"_blank\" rel=\"noreferrer noopener\">SP 800-30<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/csrc.nist.gov\/pubs\/sp\/800\/39\/final\" target=\"_blank\" rel=\"noreferrer noopener\">SP 800-39<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/csrc.nist.gov\/pubs\/sp\/800\/160\/v1\/r1\/final\" target=\"_blank\" rel=\"noreferrer noopener\">SP-800-160-1<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/csrc.nist.gov\/pubs\/sp\/800\/161\/r1\/final\" target=\"_blank\" rel=\"noreferrer noopener\">SP 800-161<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/csrc.nist.gov\/pubs\/sp\/800\/181\/r1\/final\" target=\"_blank\" rel=\"noreferrer noopener\">SP 800-181<\/a>&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/csrc.nist.gov\/pubs\/ir\/7622\/final\" target=\"_blank\" rel=\"noreferrer noopener\">IR 7622<\/a>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>SR-2: Supply Chain Risk Management Plan NIST Baseline: Low&nbsp; DIR Required By: &nbsp;07\/20\/2023&nbsp; Review Date: \u00a008\/22\/2024\u00a0 References\/Additional Resources FASC18&nbsp; 41 CFR 201&nbsp; EO 13873&nbsp; CNSSD 505&nbsp; SP 800-30&nbsp; SP 800-39&nbsp; &#8230;<\/p>\n","protected":false},"author":1,"featured_media":580,"parent":1983,"menu_order":2,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"inline_featured_image":false,"advgb_blocks_editor_width":"","advgb_blocks_columns_visual_guide":"","footnotes":""},"class_list":["post-1910","page","type-page","status-publish","has-post-thumbnail","hentry"],"acf":[],"coauthors":[],"author_meta":{"author_link":"https:\/\/www.tarleton.edu\/security-controls-catalog\/author\/brian-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-2-3\/","display_name":"brian"},"relative_dates":{"created":"Posted 2 years ago","modified":"Updated 2 years ago"},"absolute_dates":{"created":"Posted on August 27, 2024","modified":"Updated on September 4, 2024"},"absolute_dates_time":{"created":"Posted on August 27, 2024 4:44 pm","modified":"Updated on September 4, 2024 6:04 pm"},"featured_img_caption":"","featured_img":false,"series_order":"","_links":{"self":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages\/1910","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/comments?post=1910"}],"version-history":[{"count":0,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages\/1910\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/pages\/1983"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.tarleton.edu\/security-controls-catalog\/wp-json\/wp\/v2\/media?parent=1910"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}